Data Protection Policy
What data is requested, stored and processed?
- Date of Birth
- Phone no
- Doctor’s details
- Emergency contact details
- Medical history
- Treatment notes
- Relationship data
- Browsing data
- Transaction data
Why is this data held?
- Name: client identification
- Address: for health insurance claims (address needs to be on receipt); identification; safety of therapist; address to send them home if necessary.
- Date of birth: identification, i.e. for occasions when we have duplicate names. This is especially helpful for online bookings, to flag that a duplicate profile has been created for an individual.
- Phone: to send reminder texts the day before, to keep cancellations and no shows to a minimum; in case the therapist must cancel an appointment for some unavoidable reason, i.e. illness, family emergence, act of God, etc. It is never added to any marketing list, unless consent is sought and received to do so.
- Email: to send receipts and appointment confirmations. This is only requested when clients book through our online system or for some specific reason, i.e. forwarding information. It is never added to any marketing list, unless consent is sought and received to do so. When we receive emails to our Gmail account, they are not transferred to any other system, including our online booking system unless requested to do so. Our email is password protected and there is screen lock on the computer and other devices which authorised personnel only have access to.
- Doctor’s details: in the case of a client presenting with serious medical issues, the therapist may wish, with the clients permission to liaise with the GP or specialist.
- Emergency Contact details: taken only in the case of children (with signed consent from parent or guardian and their presence in the room) and vulnerable adults, where you can justify holding it to protect the vital interests of your client.
- Medical history: to help therapists understand what the client is presenting with on a given day, so a decision whether treatment is appropriate or not can be make, and to carry out any treatments in a safe way. Therapists will ask for a baseline level of detail as seen on the consultation chart initially and work off the extended consultation chart to seek further clarification where there is a more complex medical history. This data is stored only as hardcopy paper notes.
- Treatment notes: clinic record of what happened during any contact with clients, stored only in hardcopy form.
- Relationship data: if made know to the therapist, record the relationship between clients (intimate or familial) and be mindful of the ethical issues that could arise in such a case. Recording who referred a client can help us understand and improve our services and marketing.
- Browsing data: through cookies and Google analytics to help clinic understand how people use the website and identify problematic issues so that the service can be improved.
- Transaction history: a record of all appointments booked, cancelled, no shows and payments are recorded on our online system and payments in hardcopy which is stored under lock and key for revenue. Online accounts are kept indefinitely, as receipts can be forwarded to clients at any time and to further improve services and to track repeated cancellations and no shows.
Who is the data controller?
Eileen Clair is the data controller.
How was the data obtained?
- Clients make contact with the clinic to book a treatment.
- Names and emails are obtained when individuals email the clinic.
- Once it is determined appropriate to book a treatment, basic details are recorded on the online system only. If the booking is taken in person, by email or by phone, name and phone number is all that is asked for. If the booking is done by the individual through our online system, they are asked for name, phone no, email and date of birth.
- At no point does the clinic chase a client for details without the client initiating the contact.
- The clinic will not secure a booking without a name and phone no.
- The client must sign consent to treatment and to data retention at this point.
- Browsing data is obtained by the use of our website.
- CV’s are obtained when job applicants send in applications following an advert for a position or on the off chance of a position becoming available.
- Transaction data is recorded based on a client’s interactions with the clinic.
- Photographs may be obtained during the course of a workshop/training with the clients signed consent.
Why was the data originally gathered?
Name, phone, email and date of birth are gathered at time of booking to secure booking, letting the therapist know who is coming in and how to contact them with reminder text or should we need to cancel due to unforeseen circumstances. Other data is needed to carry out the treatments requested by the client.
Contact details are added to a mailing list upon seeking and receiving separate consent.
Transaction data is recorded as clients book appointments, cancel appointments, fail to show up, and make payments for appointments and other purchases.
CV’s are gathered when people apply for a job following an advert or on the off chance of a position becoming available.
Photographs may be taken during a workshop/training with consent of the client.
Where is the data stored?
- On clinic computer: clinic holds client name and clinic encrypted information for their records, for accessibility only, esp if internet goes down or the online system is offline.
- On phones: Therapist personal phones are not used for accessing work emails or the clinic side of the online booking system. Therapist personal phones are not used for making or receiving client calls.
- On the online booking system: the client name, address, phone no, email if we have it, who referred them if relevant.
- On the paper records: client name, clinic chart number, address, phone number/letters, email, medical history and treatment notes, and reports received from client in relation to their condition and any letters we have sent to them or on their behalf at their request are held.
- Browsing data is held by Google Analytics.
- Gmail holds all emails sent and received to/from the clinic.
How secure is the data; encryption and accessibility?
The clinic uses a cloud-based online booking system to track, take bookings and process payments. This has extensive encryption security built into it and has been expanded with the General Data Protection Regulation 2018.
When therapists are not at the desk, the computer screen is locked and needs a password to access. This password is known to therapists in the clinic only.
Client names, addresses, phone no, email and date of birth are stored on this booking system, as well as their transaction history and appointment schedule.
These and all other details i.e. medical history, treatment notes, etc. are kept manually in a locked filing cabinet in a locked room. Access to this room is for clinic staff only and access to the filing cabinet is further restricted. The key to the cabinets is kept in the safe and can only be accessed by clinic owners.
Client record charts in use each day are kept in a folder that is with clinic staff and is not left lying around in view of a client.
Newly filled out record charts are put in a separate folder and locked into the filing cabinet at the end of each working day, awaiting processing, at which point they can be filed away with the rest.
Only clinic devices, such as phones, tablets and computers are used to access the online booking system and emails and are secured by passwords and screen locked when not in use.
Passwords are changed periodically.
Is the data shared with 3rd parties and on what basis?
How long shall the data be retained?
- Clinic insurance providers require our therapists to retain all treatment records for a period of 7 years after the last appointment, or in the case of minors, for 7 years after their 18th birthday. Therapists work off this for all data stored on our online booking system, hardcopy data and computer.
- For card payments over the phone, the card number is input directly to the terminal and is never written or stored anywhere.
- The clinic email account is cleared regularly of any communication from individuals who are not clients with a treatment record, who may have purchased vouchers, made enquires, applied for jobs or otherwise interacted with the clinic.
- Transaction history is required by revenue for a minimum of 6 years and in some cases longer. We retain all transaction data on our online system indefinitely to allow for traceability, records of repeated cancellations and no shows and customer service. Any paper records are destroyed after 6 years.
Amending incorrect data.
A change of name, address, phone no, email, doctor, etc. is done by the owner/managers of the clinic. Once the change needed has been brought to their attention directly by a client, or by another therapist on behalf of a client, the data will be updated on the online booking system straight away. Their paper records will be pulled and the update will be made to this file also.
Upon receiving a request from a client to transfer data to another therapist, solicitor, medical professional, a photocopy of the paper records including all medical history and treatment history will be sent by registered post, with no amendments, to the address provided by the client. The client must sign consent to this transfer, which states the date, the name and address of the recipient and acknowledgement of permission to send. This will be kept with their original records, as a record of the transfer and request to do so.
Data will not be transferred by photograph copies via smart technology or by scan and email as this may be further shared.
Data will only be destroyed after the allotted time frame as quoted above.
The online booking system can fully delete any details. The client records in question will be archived as per their system and then deleted completely.
The record of client name and chart no. listed on the computer will continue to be listed with a highlighted note indicating the date of its destruction.
The paper record will be removed and shredded on site. These are disposed of in 2 separate bags, one at a time.
Clients can request to have their data destroyed in specific circumstances where there has been a misuse of their data. They do not have an absolute right to the destruction of all records involving them.