Your Information and GDPR
Houlbrook Physiotherapy Ltd collects information relating to patients’ health and personal details. This information is classed as sensitive data and termed as special category data. Under the new General Data Protection Regulation, (GDPR), patients of Houlbrook Physiotherapy have a right to know why their information is collected, for what purpose it is used and how it is kept safe. Patients also have greater rights to access the information that Houlbrook Physiotherapy holds.
Why is information collected?
For a detailed and accurate physiotherapy assessment and treatment to take place, information about a patients current and past health need to be obtained. Under the GDPR Houlbrook Physiotherapy has a legitimate interest in the patients’ information and that is part of the contract between a health professional and their patient. This information allows us to give patients the best treatment possible.
How is this information used?
Information such as addresses and phone numbers allow for appointments to be changed and for us to provide the treatment at your place of residence.
Medical details allow for a detailed assessment to take place which will help us diagnose and treat the problems that you have.
In some instances, with your consent, there will be communication with the referring GP or consultant.
Who has access to your information?
All staff of Houlbrook Physiotherapy are bound by patient confidentiality laws, the standards of conduct, performance and ethics of the Health Care Professions Council (HCPC) and the Chartered Society of Physiotherapy (CSP) code of conduct. Your information will not be shared outside Houlbrook Physiotherapy unless you have given consent, except when;
requested by law
in your best interests and you are unable to give consent
in the public interest to prevent serious harm to others
How is your information stored?
The initial assessment is written on paper that it destroyed by incineration once it has been transferred onto the electronic record which is kept on a computer that is password protected with robust security measures to prevent loss of information. All Information is backed up on to an external hard drive that is encrypted and kept under lock and key when not in use.
All notes will be kept for a period of 8 years after the last treatment or date of death at which point they will be permanently deleted.
How can you access your records?
You have the right to request to see the information that Houlbrook Physiotherapy holds about you. All requests will be answered in the time frame of one month unless you are notified of a difference to this time scale. There will be no fee for information provided.
Requests can be made either verbally or in writing to:
Houlbrook Physiotherapy, Lower House Farm, Clotton Nr. Tarporley, Cheshire, CW6 0EG. Tel: 07840130956
In the instance where requests are excessive or unfounded, Houlbrook Physiotherapy has the right to refuse and/or charge for time spent. This does not affect the individuals right to complain to the ICO to seek judicial remedy. Where a fee is deemed appropriate Houlbrook Physiotherapy will not comply with any requests until the fee is received.
Your right to amend, restrict and object to the information held.
Under the GDPR all individuals have the right to have incorrect information that is held about them amended. If this was to arise within the notes held by Houlbrook Physiotherapy the notes would become restricted, i.e not used until the issue was resolved. However, if Houlbrook Physiotherapy deems the information to be accurate then no amendment will be made.
You have the right to have the information we hold restricted;
if you contest the accuracy,
you need the information kept to establish, defend or exercise a legal claim
you object to the information held.
In this instance all treatment will be stopped until the issue is resolved. You also have the right to object to Houlbrook Physiotherapy holding your personal information on grounds relating to your particular situation and as with restriction, all treatments will stop and the notes will become restricted until the issue is resolved.
How is your information kept safe?
Notes stored by Houlbrook Physiotherapy are kept on a password protected computer, stored in an encrypted folder within a password protected word document. There are robust security measures on the computer to prevent and minimise the risk of information theft. Information is backed up onto an external hard drive that is encrypted and stored under lock when not in use. Where notes are recorded on paper at the initial assessment they will be kept only within a locked car in transport and then incinerated once transferred onto the electronic record. When information is shared with others, GP’s for example it will either be sent via encrypted email, recorded delivery or hand delivered.
Houlbrook Physiotherapy will take the utmost care to ensure that your personal information is safe whilst it is under our care. In the unlikely event that this safety was compromised you will be notified immediately as will the Information Commissioner’s Office, ICO.