Data collection and privacy policy.
As a result of the General Data Protection Regulation (GDPR) incorporated in the UK by the Data Protection Act (2018) we are required to provide you with information about how we collect and use your personal data.
Your data is processed by Weymouth Physiotherapy whose principal business address is 50 Springfield Road, Weymouth DT3 5RN. For the purpose of the act Weymouth Physiotherapy is defined as a data controller.
The data controllers data protection officer is Mr Carl Neal and he can be contacted via email at [email protected]
What information do we collect and when?
We collect and process information anytime you interact with our clinic. This may be through email, telephone, social media, website visits, completion of online forms or when you visit the clinic in person.
In addition to your basic contact information (name, date of birth, address, telephone number, email address) we may also collect other relevant details such as GP details, current and past medical health issues, information regarding your presenting problem. medications, findings from assessments, and social information such as lifestyle and employment.
We also use cookies to see how you interact with us when visiting our website and with any emails that we send to you.
How we use (process) this information ?
We use any information you provide us with to give you information that may be relevant to you so that you can make an informed decision regarding the management of your presenting problem. This may come in the form of emails, telephone calls, mail or social media.
If you become a patient, we will use your information to provide a legal record of our assessment and any treatment or advice we provide. We will also use it to ensure continuity of care and to contact you in regards to your ongoing treatments.
Once you have completed your care with us we may contact you for various reasons. These include to request reviews / testimonials, to get an update on your condition and to send you any information that may be relevant to you.
How and when do we share your data
We need to inform you of other parties who we may share your data with. We may need to share your data internally to ensure continuity of care. Externally we may need to share your data with other medical professionals such as GP’s, consultants or other healthcare providers, and with third party and health insurance companies or intermediaries. However this will only be completed with additional consent.
We may also pass information to external agencies and organisations including the police for the prevention and detection of fraud and criminal activity. Should any claim by made by yourself against us, we may pass your personal information to our insurers.
Weymouth Physiotherapy DOES NOT share your personal data with any external parties for marketing or commercial processes.
How do we store your information?
We use several different services to store and process your data. Please read below for details. We take organisational and technical security measures to protect the information against unauthorised disclosure and or unlawful processing
Agile CRM
This is a customer relationship management software package. The cloud based system uses only high quality amazon and google clouds and assure the customer that all information is kept confidential. I
Writeupp
This is a patient and practice administration software package and is developed and owned by Pathway Software. This cloud based system uses Microsoft Azure to host your data. Microsoft Azure are an organisation that uphold the highest standards of privacy and data protection.
Rehabguru
Rehab guru is our exercise prescription software. It stores your name and your email address only plus details of any of the exercise programs we have sent you. It is operated by rehab guru ltd and ensures that the data it stores is secure according to GDPR conditions
Doxy.me
Doxy.me is our telehealth provider. It does not store any personal data about you. All audio and video communication is encrypted with point-to-point NIST approved 123 bit encryption ensuring high levels of security.
How long do we store your records?
We retain your information for as long as reasonably necessary to provide our services and to maintain records to satisfy medical records legislation, accountancy purposes and other legal requirements.
For non-medical information we will keep your data indefinitely.
For medical data some of the time limits imposed on us are a result of our statutory obligations. Weymouth Physiotherapy will store medical data for eight years from the point of last contact as a result of our statutory obligations. In the case of children we are required to store data until their 25th birthday or if the patient was 17 at the conclusion of treatment until their 26th birthday.
Your rights
Importantly you have a number of rights with regards to the data that we hold about you. For example, you can request access to your data and can require that we rectify or erase it. You can also opt out of any communications we send to you.
Any request to change your information will be properly considered. however, this does not automatically mean that we are able to agree to your request, as we may have other obligations that outweigh your rights. Please put any requests in writing to the email address listed above.
We take all reasonable steps to ensure that our information is kept up to date and rectified if necessary. It is also your responsibility to inform us of any personal information changes.
Further information
The legislation covering data protection is quite complex. We have tried to keep this document brief and clear to help you understand your rights in respect to the personal data that we process. Should you require further information or in the event that you are not content with how we are managing your personal data please contact Mr Carl Neal using the contact details supplied
You should also be aware that you have the right to lodge a complaint with the UK's independent data regulator the ICO, see details below
https:ico.org.uk/concerns/