Ropergate Physio Clinic complies with GDPR requirements by:
1. Being transparent with Processing of Data – Personal data is only required to provide a service as agreed with you and to allow compliance with legal obligations. We collect personal data that is necessary for us to provide a service to you. This includes your name, date of birth, contact information, correspondence and communication between your healthcare team, and necessary information regarding the health condition you are requesting treatment for and any relevant previous medical history. All personal data collected during the assessment and treatment will be used only in relation to physiotherapy treatment plan.
2. Limiting of Collected Data to what we need – collecting personal information that is necessary to allow us to provide a service to you. The information collected is the minimum required to fulfil legal, accounting, taxation, and contractual agreements to provide healthcare service. If you do not provide this information, we may be unable to provide a service.
3. Limiting Kept Date – not collecting or retaining excessive amounts of data and not keeping the data for longer than necessary.
4. Ensuring date is Accurate – keeping your personal information up to date and accurate. Should your personal information change please contact: [email protected]
5. Limiting Storage of Personal Data – storing and destroying it securely. Personal data is stored on a secure online platform.
6. Ensuring integrity and Confidentiality – protecting personal date from loss, misuse, unauthorised access or disclosure.
7. Holding accountability – ensuring appropriate physical and technical measures are in place to protect it.
Ropergate Physio Clinic will only process your personal data for the purposes of:
Providing healthcare appointments and services.
Maintaining our own healthcare accounts and records.
Communicating with 3rd party data controllers as necessary
Improving our services
Meeting our legal obligations
Your personal data is treated as strictly confidential and will only be shared with:
(a) smilenotes.co.uk is the system we use for your consultation cards and notes, they are secured on their database and are password protected.
(b) the 3rd party data controller who, professionally, may have referred you to us (e.g. your GP or Consultant);
(c) if necessary, and in the patient’s best interest, update or share discharge reports with another healthcare professional in relation to the healthcare matter you have consulted us about.
In order to comply with my professional and legal obligations as a member of the Chartered Society of Physiotherapy any health-related information will be kept for a period of 8 years from the date of last entry. I have a professional and legal obligation to process your data to keep an accurate record of my interaction with you in accordance with my membership of the Chartered Society of Physiotherapy. I also have a legal obligation to maintain financial information for tax recording purposes . However further to this, under certain circumstances, by law you have the following rights to access your records should you wish. You are able to withdraw consent at any time. On notification of your request, personal information will no longer be processed unless there is a legitimate legal requirement.
This Policy was formulated on 9th August 2023. If Ropergate Physio Clinic wish to use your personal data for a new purpose not covered by this Data Privacy Notice, then we will provide you with a new notice explaining this prior to commencing the processing and we will set out the relevant purposes and specify processing conditions. This privacy policy will be reviewed annually or at times requiring change to practice.
If you have any concerns regarding the way in which Ropergate Physio Clinic process your data is or you would like to make a formal complaint, this will be taken seriously for lessons learnt, for transparency, and best practice. You may request a ‘Complaints Policy’. If necessary, incidents may be escalated up to CSP (Chartered Society of Physiotherapy) and / or HCPC (Health and Care Professions Council). You also have the right to make a complaint to the ICO (the data protection regulator in the UK). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please do contact us in the first instance.
