Throughout this document ‘we’ means Helen Forth trading as Helen Forth Physiotherapy and includes any self-employed clerical staff who contract for us.
For the purposes of the DPA and GDPR we are the data controller and we are responsible for your personal data.
‘Personal data’ means any information that can identify you.
What Information we collect and when:
We collect and process information when you telephone the clinic to make an enquiry or appointment, when you email us, when you submit an enquiry via our website or if you visit the clinic in person.
At the point of enquiry or booking we may ask you for personal information that may include, but is not limited to;
Your date of Birth
Your telephone number(s)
Your email addresses
Private Medical Insurance (PMI) details (if applicable)
When you first visit one of the clinics you will fill out a patient registration form ensuring we have a complete record of the information listed above.
At your appointment, your Physiotherapist / Practitioner will ask for information regarding your general health, your previous health and information regarding the condition you are seeking advice about. We will ask for information regarding any activities you undertake, your employment and any medication you take. We will record the findings of a physical examination.
How we use this information:
The purpose of collecting personal information is to allow your practitioner to ensure they manage your case with the relevant due care and consideration for your age, your requirements and your condition.
Whilst practicing at Sherbourne Lodge Wellbeing Centre, Helen Forth Physiotherapy uses electronic records that are hosted by a third party (Cliniko). Likewise at Hadleigh Physiotherapy we also use electronic records that are hosted by a third party (Blue Zinc IT Limited). All information is kept electronically in a file that directly relates to your episode of care. Your patient registration form and any related paper notes are stored securely in locked filing cabinets.
We use this information:
1.To provide a legal record of any treatment or advice we give.
2.To ensure continuity of care.
3.To contact you regarding your ongoing treatment including sending appointment reminders and exercise programs by text message or email. We use third parties for these services: Cliniko, Blue Zinc IT Limited and Physiotec.
4.To contact you if new information or treatments become available that may be of benefit to you.
5.We may pass on information with your permission to other medical professionals who are involved in your care: this may include GPs, Consultants, Occupational Health Departments or other Health Care Professionals.
6.We may use your information for quality feedback purposes and service review.
7.We may use your information for audit purposes.
8.To invoice your PMI or to complete requested reports with your consent.
9.To write a letter to a school, or another person of interest to you with your consent. You will also receive a copy of this letter should you choose to.
We do not pass on your information for commercial purposes.
E-mail use Policy:
Your email address will be added to our database and may be used for contacting you regarding your appointments, exercise programs, clinic newsletters and other general information relating only to the clinics. Newsletters are mainly distributed by Mailchimp but may also be sent from Microsoft Outlook. If you do not wish to receive any of this information you can unsubscribe at any time via unsubscribe buttons or by emailing the appropriate practice: firstname.lastname@example.org or email@example.com.
Web based request forms:
If you fill out the contact me section on Helen Forth’s personal website (www.helenforthphysio.com) this request is sent to Helen Forth via email to be dealt with. Once dealt with I will then delete the relevant email.
How long do we keep personal information?
We have a legal obligation to retain records for 8 years after the conclusion of treatment.
If the record relates to a child or young person, the records must be kept until the patient’s 25th birthday or 8 years after death. Or, If the client is pregnant at the time of their first appointment, notes will be kept for 25 years.
We may retain electronic records indefinitely for use if you return for another episode of care and for analytical purposes.
How do we protect your information?
We have put in place security measures to prevent your personal data from being accidentally lost, used, altered, disclosed or accessed without authorisation. We also allow access to your personal data only to those employees or self-employed staff who have a business need to know such data. They will only process your personal data on our instruction and they must keep it confidential.
You are entitled to a copy of the personal information we hold about you and to have any discrepancies rectified. You can do this by written request to the address at the end of the policy.
Disclosure of your information:
We may pass information with your permission to other medical professionals who may be involved in your care: this may include GPs, Consultants, Occupational Health Departments and other Health Care Professionals.
This information may be passed on in the form of a written letter which is posted or if given to you, the letter becomes your responsibility and the protection of its content your responsibility.
If the information is passed electronically, it will be password protected and we will take all reasonable precautions to transmit the information securely.
Clinicians who receive work related emails or messages on their mobile telephones or other mobile devices, have their telephone, laptop and ipad password protected.
We will disclose your personal information where required to do so by law or in accordance with an order of a court of competent jurisdiction. We will also disclose your information if we believe that lawful disclosure is necessary to comply with the law and the reasonable requests of law enforcement or to protect the security or integrity of our service.
We have appointed a Data Protection Officer who oversees privacy related matters for us. If you have any questions about this privacy notice, please contact the data Protection Officer using the details set out below:
It is important that the information we hold about you is accurate and up to date. Please let us know if at any time your information changes by emailing us at either: firstname.lastname@example.org or email@example.com (if being seen at Hadleigh Physiotherapy).
We collect and process data because we have a legal obligation to do so and as such, we ensure it is adequate, relevant and limited to what is necessary. We only use your personal information to provide and improve our services to you.
By using our services, in any capacity, you agree to the collection and use of information in accordance with this policy.