Privacy Notice
You can visit my website without telling me who you are and without revealing any information about yourself. However, there may be occasions where I do ask you to provide certain information by which you can be identified when using this website. However, you can be assured that any information you provide will only be used in accordance with this privacy statement and I am committed to ensuring that your privacy is protected.
You may wish to provide your information when:
· You choose to contact me for an appointment.
· To request information from me.
Data that we collect
· Your name.
· Your contact information including a telephone number and E-Mail address.
· A brief reason for requesting an appointment.
What will we do with the data you provide?
It allows me to provide you with the information requested and or to offer you an appointment and provision of service.
· Your data will be used to enable me to contact you with your requested service.
· Should you book and attend an appointment your data will be transferred to your clinical record. If you do not wish to make an appointment your E-Mail containing your data will be shredded.
Security of your data
I am committed to ensuring that you information data is securely protected. I have structural and state of the art electronic security measures in place to ensure that your data is protected against unauthorised access, loss or destruction.
Web links:
My website may contain links to other websites of interest. However, once you have used these links to leave our site, you should be aware that I do not have any control over the other website. Therefore, I cannot be responsible for the protection and privacy of any information which you provide whilst visiting these sites. I strongly suggest that you read any privacy notice attached to an individual site.
INFORMATION WHICH APPERTAINS TO YOUR DATA COLLECTION:
When you make an appointment and attend my clinic I will request and record specific data from you, which is required to establish your medical health care record.
I have set out below the type of data that I require for your assessment and treatment in respect of clinical hypnotherapy, psychotherapy and complementary therapy.
· Data controller
Geraldine Daly Hypnotherapist, Stress Management and Wellness Coach
· Lawful basis
My Lawful Basis for collecting, recording, storing and using your data is “Legal obligation”. However, I access other lawful basis for certain criteria, as listed below:
Legal Obligation.
I have determined that our lawful bases is “Legal Obligation” which represent our activity in regards to the Practitioner and client relationship and my relationship with a client’s medico-legal intermediary, health insurance Provider, solicitor and/ or health care professional. Therefore, I have a statutory requirement to record, collect, store and use your data.
Performance of a Contract
Should I be in a position to offer you a credit/debit cards service then I will process your payment details via this lawful basis. Occasionally I do use a PayPal service.
Consent
Please note, that on your first appointment, you will be provided with a laminated version of my privacy notice and you will be required to read and sign a further two forms:
1. Data consent form.
2. Terms and Conditions and Treatment Consent Form.
· What information is being collected?
Information provided by you and recorded by myself will consist of personal identifiable information and sensitive personal data appertaining to your health and wellbeing.
Personal details:
· Name, date of birth, postal address, telephone numbers and your E-Mail address.
Sensitive health related details:
· Presenting condition, general health history, medications and any allergies.
· Your Doctors details and any other Professional involved in your care.
Lifestyle activities:
· Sports, hobbies, accommodation details, employment details, sleeping and eating behaviours, pet ownership, smoking and alcohol consumption.
Assessment and treatment details:
· Health related notes will be compiled of your assessment, treatment and your progress in respect of any professional treatment and/or therapy provision that you have requested and undertaken.
Payments history:
· Details of your payments and methodology are recorded on our Tax records for submission to our accountants and HMRC.
· Who is collecting it?
I, as the practitioner looking after you, will collect your data.
· How is it collected?
Data which is freely and voluntarily provided by you will be stored in hard copy under lock and key. Any letters to Healthcare Professionals, such as your GP, will be stored on my computer and they will be encrypted as well as password protected. Your email address will be stored in my e-mail account for ease of contact
· Why is it being collected?
To formulate a medical health care record including any clinical and/or therapeutic treatment interventions recorded in your treatment plan.
· How will it be used?
Your records are stored solely for the purpose of maintaining a medical record. Your medical records are designed to keep a historical and up to date evidence base of your health care provision, progress and rehabilitation.
· Who will it be shared with?
Your data will not be shared with any other party unless you request it to be shared and you provide your consent for me to do so. With your consent, we may share your data with your GP and/or another allied Health Care Professional for consulting and referral purposes and for obtaining a second opinion. Any medico-legal organisation, health insurance provider and/or solicitor referring you will have obtained your consent for us to report certain data back to them on a standard medico-legal reporting template or a clinical letter.
If requested, we are legally bound to share your data with any lawful and/or Crown agency that requests access to your data via appropriate data release requests.
· What will be the effect of this on the individuals concerned?
To promote and enhance your healthcare, improve the quality of your life and provide health care protection and safety.
· Is the intended use likely to cause individuals to object or complain?
No, because the clients’ healthcare and wellbeing is the basis of my business and therefore, I always act in the best interests of the client.
If I need to write to your GP or NHS Health Care Professional then I will discuss our clinical reasoning for this activity and request you to sign a third party consent form.
· How is my data protected?
My software programmes are protected with ultimate protection software which is constantly updated by the manufacture to meet any new cyber threats. Management policy’s and processes are in place and a range of structural security is present.
· Under the General Data Protection Regulations (GDPR) you have individual rights:
1. The Right to be informed
2. The right of access
3. The right of rectification
4. The right of erasure
5. The right to restrict processing
6. The right to data portability
7. The right to object
8. Rights in relation to automated decision making and profiling
How long do we keep your medical records?
Personal information that I process for any purposes shall be not be kept for longer than is necessary for the purpose or those purposes. I am legally bound by statutory requirements to hold your data for:
· Adults: I keep your medical and treatment records for a period of 8 years from the date of your last appointment.
· Children: I keep your records until you reach the age of 25.
There may be occasions where I need to keep your records for an indefinite period of time and I may withhold personal information that you request to the extent permitted by law. I may also retain your personal information where such retention is necessary for compliance with a legal obligation to which I am subject, or in order to protect your vital interests or the vital interests of another natural person.
· Controlling your personal information
I do not sell or distribute your information to any other organisation unless you have consented and/or contracted me to do so.
If your personal and sensitive data should change then please inform me immediately in order for me to update your personal records and clinical notes. I have a duty under GDPR to inform all other parties of any such changes.
Contact
If you wish to contact me for any aspect in regards to your data then you may do so by contacting me in writing and/or by E-Mail at the clinic address below:
Geraldine Daly
The Windmill Studio
106a Pembroke Road
Ruislip
Middx
HA4 8NW
075 11 36 06 11
info@geraldinedaly.co.uk
www.geraldinedalyco.uk
If you wish to make a complaint
If you wish to complain about the manner in which I have handled, recorded, stored and or used your data then you may do so by contacting:
Information Commissioners Office
Wycliffe House, Water Lane
Wilmslow, Cheshire
SK9 5AF
Tel No 0303 123 1113
Fax 01625 524510
E-Mail www.ico.org.uk
ert your text and upload images