DATA PROTECTION POLICY
Why this policy exists
This data protection policy ensures that Stephanie Thullen Homeopathy:
Company means Stephanie Thullen Homeopathy
GDPR means the General Data Protection Regulation.
Responsible Person: Appointed Data Protection Trustee Representative Stephanie Thullen
Register of Systems means a register of all systems or contexts in which personal data is processed by Stephanie Thullen Homeopathy
1. DATA PROTECTION PRINCIPLES
Stephanie Thullen Homeopathy is committed to processing data in accordance with its responsibilities under the GDPR.
Article 5 of the GDPR requires that personal data shall be:
2. GENERAL PROVISIONS
3. LAWFUL, FAIR AND TRANSPARENT PROCESSING
4. LAWFUL PURPOSES
5. DATA MINIMISATION
7. ARCHIVING / REMOVAL
Stephanie Thullen Homeopathy takes your privacy seriously and will only use your personal information to administer any treatment you have requested or to send you relevant information via emails and newsletters. We will not share your data with any third parties*
* Analytics information:
We use third-party analytics tools to help us measure traffic and usage trends for the Service. These tools collect information sent by your device or our Service, including the web pages you visit, add-ons, and other information that assists us in improving the Service. We collect and use this analytics information with analytics information from other Users so that it cannot reasonably be used to identify any particular individual User.
In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data, Stephanie Thullen Homeopathy shall promptly assess the risk to people’s rights and freedoms and if appropriate report this breach to the ICO (more information on the ICO website).
END OF POLICY
Policy review date: 1 April 2020
What personal information do I collect?
In order to treat you, I will ask you to provide certain information. This includes:
How do I collect this personal information?
All the information collected is obtained directly from you. This is usually at the point of your initial consultation. The information is collected via a ‘medical history form’ which I ask you to complete prior to or at the initial consultation. At the point at which you provide your personal information, I will also request that you provide consent for me to store and use your data. Your consent is required in order to ensure my compliance with data protection legislation. Subsequently, I will add to this initial information with details of the consultations you hold with me.
How do use this personal information?
I use your personal information to analyse the conditions for which you have consulted me and to prescribe remedies and other therapies.
I will communicate with you by email, other digital methods, by telephone and by post.
With whom do I share your personal information?
I do not share your personal information
How long do I keep your personal information?
I need to keep your information for as long as you continue to consult me. Since patients often return for more consultations after a period of absence, I will keep your information for seven years after your last consultation. At that point, your file will be securely destroyed and any digital information will be erased from my computer systems.
How your information can be updated or corrected
To ensure that I have accurate and up-to-date information, you need to inform me of any changes you believe I should make to the personal information I hold. You can do this by contacting me by any of the methods previously described.
Under data protection legislation, you have the right to inspect the personal information I hold about you. You can make a request to do so by contacting me and I will endeavour to respond within 14 working days.
How do I store your personal information?
My patient files are paper-based and are held securely within my consulting room. Any information kept digitally in my computer is password protected. I take steps to protect your personal information against loss or theft, as well as unauthorised access, disclosure, copying, use, or modification.
Your email address, if you have one, is held securely on the servers of my email providers.
Changes to this policy
This policy may change from time to time. If I make any material changes, I will make you aware of them.
If you have any queries about this policy, need it in an alternative format, or have any complaints about my privacy practices, please contact me:
Stephanie Thullen Homeopathy
Tel: 07910 333004
Policy review date: 1 April 2020