The processing of personal data is governed by the General Data Protection Regulation 2016/679 (the GDPR). This legislation will replace current data privacy law, giving more rights to you as an individual and more obligations to organisations holding your personal data.
I keep paper records for the purpose of treating you and I am legally required for insurance purposes to keep them for 7 years after your last treatment, and in the case of children for 7 years after they reach 18 years of age, after which it will be destroyed securely.
Notes are stored in a lockable metal cabinet.
With regards to emails, some patients and prospective patients return pre- 1st appointment questionnaires or tell me about their medical conditions and medication by email. My email is password protected, but I am unable to send or receive encrypted emails so you should be aware that any emails I send or receive may not be protected in transit.
I will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send to me is within the bounds of the law.
I use your name, address, telephone number and email address to make and rearrange appointments.
I will not share your personal data with any third party without your express permission.