The Policy and Principal for Holding Data
- Lawful under British law, fair & transparent.
- Accountable to demonstrate compliance with this policy.
- Limited in scope, adequate & relevant for the purpose of running the clinic.
- Kept while you are under treatment and to comply with legal requirement only.
- Protected from breech with notification procedures.
Why we hold your Data
We hold your personal data only when you have given us permission to do so and in order to register you, make appointment bookings and keep track of payments. We must also securely store your personal data as a legal requirement.
Where is your Data being Held?
- a) Computer diary data is held on local computers with secure passwords and use is limited to the participating physiotherapists only.
- b) Written data is held in a locked secured cabinet with key access restricted to the participating physiotherapists only.
- c) Telephone message handwritten notes are destroyed as soon as they are no longer needed
Who holds what Data?
The Data Controller is responsible for all Data access and storage. Each individual treating Physiotherapist is responsible for maintaining Privacy and preventing Data breech of both electronic and manual files.
For how long is Data held?
It is held for legal reference for a minimum of 8 years for adult and 12 years for minors as a requirement by law
How else do we Protect your Data?
We will never pass your Data to a third party, without your permission. We do not allow others to use our patient lists. We will notify you promptly in the event of ant breech of your personal data.
What Rights do you have once you have given your Data?
You have the right to access your personal data through the Data Controller or your Physiotherapist and have your data corrected. A copy of the data we hold about you can be provided if you request it in writing.