We take our patients privacy/confidentiality and Data Protection seriously. Our patients have trusted us to provide their health care.
We have a responsibility to maintain the trust of our patients and our patients must be able to trust us with their information. Confidentiality is a legal requirement of practices and we confirm that The Health Equation conforms to the General Data Protection Regulations May 2018 and have a GDPR policy in place.
All of our patients are required to register with us when they first attend the practice letting us know their preferences for how we contact them. We regularly update their contact data and they can change their contact preferences at any time. We have been a paperless practice since 2004 and use the clinical software PPS provided by Rushcliffe. This is held on a secure server off site where our administrators and clinicians have access to our patient data.
We also ask our patients to specifically consent to the following:
Consent to be contacted by email for appointment booking confirmation, appointment reminders, invoices, receipts, referral information and other clinical information, test results etc.
Consent to be contacted by SMS for appointment reminders
Consent for us to contact the patient referrer, usually to provide a report after a New Patient consultation
Consent to be contacted by email for occasional marketing of The Health Equation services and information updates, we tend to to send marketing emails approximately 4 times a year and hope that this is not intrusive.
We DO NOT divulge patient contact details to third parties.
All of The Health Equation administrators and clinicians have confidentiality clauses in their contracts. Our two main administrators Mrs Susie Gajadharsingh and Ms Roberta Murroni have full access to all our patient data, for administrative purposes. Mr Gerry Gajadharsingh DO is the main person responsible for data protection at The Health Equation and has full access to all our patient data. Our other clinicians only have access to patient data if a patient has been booked in to see them.
Our general data policy is as follows:
- patient records and information will be stored securely on our server when not in use, we hold no paper records
- practitioners and admin staff will only view patient information they need to see
- practitioners and admin staff will not access records unnecessarily
- we will keep confidential who visits our practice, where they live, the date and times of their appointments and any other personal or medical details
- we will not disclose information to relatives or friends of patients without permission from the patient
- we will not discuss our patients or colleagues and breach confidentiality
Information is only shared with other persons with patient’s permission. This would usually be with other health professionals, either as part of the clinical team of The Health Equation, or its administrators who prepare any medical reports and other admin associated with patient care, or the patients GP/referrer or other medical specialists. Patient information is never passed on to other persons or companies.
Data would extremely rarely be shared without consent if there was a legal order or in cases of serious safety risks.
In the unlikely event of a Data Breach, all our patients will be contacted to inform them of the situation.
It is a legal requirement that we hold patient data for a minimum of 8 years for adults and until 25 years of age for children, under 18 years of age. After that time you may contact us to remove any data that we hold on you. You are also able to request a copy of any data that we hold on you and our policy is to provide that data in electronic format within 28 days of any request. Data is only released on receipt of a signed request from patients or in exceptional circumstances. Any data sharing is detailed in the patient record.
If you have any questions or concerns about our Data Policy please feel free to contact firstname.lastname@example.org