PRIVACY NOTICE

The Physio Company takes your privacy seriously and we will only collect data that we need to provide the best treatment for you and in order to communicate with you, your doctor and other medical specialists if appropriate.

The Physio Company Lion House, 111 Hare Lane Claygate KT10 0QY are a data controller of your personal data.

We have a dedicated data protection officer (DPO).  You can contact the DPO by writing to the above address, marking it for the attention of the DPO.

We collect the following information 

  • Contact details
  • Date of birth
  • Medical insurance details
  • Email addresses
  • Occupation 
  • GP name and address
  • Medical consultant if appropriate
  • General medical history and medications taken
  • Letters from medical professionals and radiology reports relating to your presenting condition
  • Clinical notes relating to treatment

What is the source of your personal information?

We’ll collect personal information from you directly.

What do we use your personal data for?

We use this information to understand your medical background and factors that might relate to your symptoms.

To contact your GP or a specialist.

To communicate with your private medical insurer.

We ask for your occupation to assist us in understanding your daily tasks to treat you effectively and in our corporate clinics we ask for your occupation to spot trends that can be used in prevention measures (your name will not be linked to your occupation).

To communicate with you regarding appointments and to send exercise programmes by email.

Who might we share your data with?

Your GP

A specialist such as an orthopaedic consultant

Your private medical insurer

How do we store your information?

We store your information on our patient management system TM2

Any paper documents with patient data are kept securely.

How long do we keep your data for? 

We keep your data for 7 years after your last appointment.  This is in line with the Chartered Society of Physiotherapy regulations.

How can I obtain access to the information that you hold about me?

This information can be obtained by contacting our Data Protection Officer Maria McGlone.

maria@thephysiocompany.co.uk

Data breaches

Procedures are in place to detect, report and investigate any data breaches.

Requests for Record Access

Subject Access Request (SAR) can be made by or on behalf of an individual.  A SAR can be made in any form (as per the Data Protection Act 1998), the response will be made within 40 days from receipt of all information and fees required to complete the request.

A SAR from a third party agent acting for the patient must be accompanied by documentation of authority to the Clinical Director with the patient’s written consent.

Requests for record correction, rectification or erasure

The General Data Protection Regulation (GDPR) includes the right for individuals to have personal data erased, inaccurate personal data rectified, or incomplete data completed.  The individual can make this request verbally or in writing and the response will be made within one month from this request.  In certain circumstances, a request can be refused according to the GDPR (5)(1)(d). 

When a rectification or erasure of personal data is made following a request it should be clear that it has been at the patient’s request.

When information has been shared with a third party prior to being rectified or erased, this party should be informed of the changes to the information.

Sharing of personal data electronically

All emails and letters with patient details on them are encrypted.

Do you have to provide your personal information to us?

We’re unable to provide you with our services if you do not provide certain information to us.  In cases where providing some personal information is optional, we’ll make this clear.


Warning: file_put_contents(/homepages/3/d272310013/htdocs/wp-content/cache/comet-cache/cache/http/thephysiocompany-co-uk/privacy.html-5b55393160728177915602-tmp): failed to open stream: Disk quota exceeded in /homepages/3/d272310013/htdocs/wp-content/plugins/comet-cache/src/includes/traits/Ac/ObUtils.php on line 430

Fatal error: Uncaught exception 'Exception' with message 'Comet Cache: failed to write cache file for: `/privacy/`; possible permissions issue (or race condition), please check your cache directory: `/homepages/3/d272310013/htdocs/wp-content/cache/comet-cache/cache`.' in /homepages/3/d272310013/htdocs/wp-content/plugins/comet-cache/src/includes/traits/Ac/ObUtils.php:435 Stack trace: #0 [internal function]: WebSharks\CometCache\Classes\AdvancedCache->outputBufferCallbackHandler('<!DOCTYPE html>...', 9) #1 /homepages/3/d272310013/htdocs/wp-includes/functions.php(3743): ob_end_flush() #2 [internal function]: wp_ob_end_flush_all('') #3 /homepages/3/d272310013/htdocs/wp-includes/class-wp-hook.php(286): call_user_func_array('wp_ob_end_flush...', Array) #4 /homepages/3/d272310013/htdocs/wp-includes/class-wp-hook.php(310): WP_Hook->apply_filters('', Array) #5 /homepages/3/d272310013/htdocs/wp-includes/plugin.php(453): WP_Hook->do_action(Array) #6 /homepages/3/d272310013/htdocs/wp-includes/load.php(679): do_action('shutdown') #7 [ in /homepages/3/d272310013/htdocs/wp-content/plugins/comet-cache/src/includes/traits/Ac/ObUtils.php on line 435