Foot, knee and back clinic - GDPR statement of compliance

The General Data Protection Regulation (GDPR) is effective from 25th May 2018 and will replace the current UK Data Protection Act 1998.

Steve Bailey and Clare Flintham, trading as foot, knee and back clinic, acknowledge their responsibility to develop and maintain awareness and practices, within the business, to protect data privacy.

We are committed to continuous assessment and improvement of our data protection systems and, by implementing processes, procedures and training, will ensure that there is a legal basis for the processing of all personal data.

Data protection officers are necessary for organisations processing large amounts of data. The foot, knee and back clinic does not fall into this category, therefore at present no data protection officer has been appointed. If there are any data protection queries, please contact either Clare Flintham or Steve Bailey at the foot, knee and back clinic, 76 Derby Road, Long Eaton, Nottingham, NG10 2DY or via email at cl***@**********************co.uk

Foot, knee and back clinic GDPR privacy notice

What does this all mean?

The general principles of looking after your information and keeping it safe and secure remain as before. What has changed is that we now have to inform you how we do this. We have to be transparent with our data processes (what we do with the information we collect and why we collect it).

The foot, knee and back clinic only holds information that you provide for us to be able to:

  1. Contact you about your appointment
  2. Treat you and your problem in a safe and effective manner
  3. Process your payment

We have a legitimate business interest to hold your data.

How long do we store your information?

Your information will be deleted from the appointment system after 18 months and paper records will be archived after this time period. We are legally bound to hold health records for a mandatory period of time. At present it is a minimum of 7 years for an adult patient and 7 years after a child is 21 years old. After the required period of retention, your data will be destroyed.

Do you share my data with anyone else?

We are required to provide our accountant with data on financial transactions only. There may also be occasions where it might be necessary to share information with your GP or other appropriate medical professionals. Your permission will be requested to do this. Very rarely we are obliged to liaise with safeguarding and/or legal professionals, which may involve sharing medical notes and/or contact details. You will be informed if a request has been made.

You can make a request in writing to see a copy of any data held on you using the details below and we must respond to that request within 30 days. We have an obligation to confirm the identity of any person requesting data before acting on such a request.

Data protection request

Clare Flintham

foot, knee and back clinic,

76 Derby Road, Long Eaton,

Nottingham, NG10 2DY

via email at cl***@**********************co.uk

What data do we collect?

| Data collected? | What is it used for? | How is it stored? |
|---|---|---|
| Full name, postal address, telephone numbers, email address | This information is used to identify you and to contact you about your appointment. We may also use email or postal addresses to send you information you have requested from us following your appointment. | On our electronic appointment system. This is a secure, encrypted, cloud-based system. It is protected by passwords and encryption. Paper health records. These are stored in locked filing cabinets. |
| Date of birth | To identify you. Only your date of birth remains constant. All other personal details may change. This is a vital bit of information to make sure that we are dealing with the correct person. | On our electronic appointment system. This is a secure, encrypted, cloud-based system. It is protected by passwords and encryption. Paper health records. These are stored in locked filing cabinets. |
| GP contact details | We sometimes need to send referral requests to your GP or inform them of problems that may be highlighted in an assessment. We always discuss this with you before any other health care professional is contacted. | Paper health records. These are stored in locked filing cabinets. |
| Personal health information | We need details about your medical history in order to treat you safely and effectively. Medication or treatment that we give you may not be safe for you if you have certain medical conditions or are on particular medication. | Paper health records. These are stored in locked filing cabinets. |
| Name and financial transaction | We use this to process your payment. | Card receipts are kept in a locked filing cabinet. |

Your name and payment details are passed on to our accountant to enable them to process our accounts and fulfil our obligation for payment of tax. Our accountant is also fully compliant with GDPR.