Why do we collect your personal data and what do we do with it?
When you supply your personal details to this business they are stored and processed for 4 main reasons:
1) We need to collect your personal information about your health in order to provide you with the best possible treatment. Your request for treatment and our agreement to provide care constitutes a contract. You can, of course, refuse to provide any information but if you choose to do so, we will not be able to provide treatment.
2) We have what is known as; a legitimate interest to record your personal information because without it we would be unable to perform our job effectively and safely. It is also a legal requirement that as a registered osteopath with the General Osteopathic Council (GOsC), we store your personal details and health information for a minimum period of 8 years or until the patient turns 25 years old (if they were a minor at the time of their last treatment), following your last treatment. This law overrides any policy by the General Data Protection Regulation (GDPR). After this period, you can request for us to delete your records, otherwise we will retain your records indefinitely in order that we can provide you with the best possible care should you need us at some future date.
3) We also think it is important that we can contact you in order to confirm your appointments with us or to update you on matters related to your medical care. This constitutes a legitimate interest once again. You, as the patient, can however request at any point not to be contacted in this manner so please just let us know by any convenient method.
4) Provided we have your consent, we may occasionally contact you with our latest general health information, review requests or any discount codes/offers. We will not be able to contact you with this information without your opt-in, which you can do by updating your subscription settings with us. You can, of course, withdraw your consent at any point to avoid receiving this information.
How do we store data and who do we share it with?
We will never share your information with anyone who does not need access without gaining your consent. Only the following people/agencies will have routine access to your health information:
Cliniko – the medical records server who store and process our files
Your practitioner(s) in order to provide you with the best care
Administrative staff at DMO will NOT have access to your medical notes, just your essential contact details.
We also use MailChimp to coordinate our messaging services. Therefore, your contact details (no health information) may be saved on their server. They too have assured us that they are compliant with the General Data Protection Regulations.
All our practitioners are fully certified and registered with the relevant associations.