Data Controller: Fusion Physiotherapy Ltd, Elgin City Football Club, Borough Briggs Road, Elgin IV301AP.
Data Processors: Andrew Jones – Lead Clinician
Heather Foley – Associate Clinician
Lynley Beckett – Practice Manager
This purpose of this policy is to explain the data processing we do and how we do it. It will also include information on your rights as “data subject”. Whilst this policy will explain these things, our explanations may not be exhaustive and further information is always available at www.ico.org.uk. If you have any queries, please feel free to discuss them with us at Fusion Physiotherapy Ltd.
What information we hold: We collect, hold and process information such as your name, date of birth, address, email address and telephone numbers. We may also hold insurance company details if applicable and referral details regarding your reasons for seeking physiotherapy treatment. Once treatment has taken place, we hold records of any treatment sessions, reports relating to the sessions and may also hold details of any communications made through our TM3 practice management system.
Why we hold this information: We want to provide the best possible treatment in each individual case. We have a legitimate interest in GDPR terms for all the information that we hold, that is to say, it is all necessary to provide you with the service which you have requested. We do not share this information with third parties unless requested to do so, for example, we would share that information with an insurance company if you are receiving care through them or where there was a statutory obligation on us to do so, for example for the prevention of fraud or criminal activity.
We do not use your information for marketing purposes.
Where we hold this information: The information is held mainly within the TM3 practice management system. They have access purely to maintain/upgrade the system where necessary and to rectify any technical issue that may occur.They are fully GDPR compliant in terms of security, using certified UK based data centres which “offer the highest levels of security available”. Information is also regularly backed up within their system so that continuity of your care is as safe from data loss compromise as it is possible to be.
We hold any paper records in a locked filing cabinet within locked premises when unattended.
Any devices used to access TM3 are password/pin protected and access to TM3 is also securely password protected so a double layer of protection is in place to offer a greater degree of security.
Who we share this information with: This information is not shared with any third parties except in the case of insurance referrals. In rare circumstances, we may be required by law to provide information. Further information is available from the ICO on their website.
How long the information is held for: Information is held for the duration of your treatment time with us. We are further required by law to retain health records for a period of 8 years from the last date of treatment for adults, for 8 years after their 18th birthday for children.
Data Subject Access Rights:
You have the right to:
Request access to your records – (data subject access request) – This enables you to receive a copy of the personal data we hold about you. This should be done without charge except when there are multiple requests or where the nature of the request is complex.
Request correction – of the personal data we hold for you. You can request any corrections or updates to be made, although we may need to verify the new data.
Request erasure – of your personal data where there is no good reason to continue processing it. We may not always be able to comply as there are certain professional / statutory requirements to retain certain information. You will be notified if this is the case.
Object to processing – of personal data in certain circumstances where you feel that it impinges on your fundamental rights / freedoms. We may demonstrate an overriding legitimate interest in certain cases which means that we would not comply with your request but we would have to demonstrate that in our response.
Request the transfer – of your personal data to a third party. We would provide this in a simple to use, accessible format unless prevented by statutory obligations from doing so.
Withdraw consent – where we are relying on your consent to process your personal data. However, doing so may meant that we are not able to continue your effective treatment.
Data Breaches: - as already said, we work hard to make sure that your information is as secure as possible and to maintain confidentiality at all times. In the extremely unlikely event that there is a breach which affects you, we will inform you and also abide by the protocol laid down by the ICO.
The rights and obligations listed here are by no means exhaustive. A more in-depth explanation can be found on the ICO website www.ico.org.uk. If you have any concerns or queries, please feel free to discuss them with clinic staff.
We sincerely hope that the occasion will not arise where you will feel dissatisfied with your treatment or your communication with our clinic. In the extremely unfortunate event that there are any issues, however small they may be, we hope that you will come to us first. We will do our utmost to provide a resolution which satisfies your concern. You can contact us by telephone, email, letter or in person, whichever method you prefer, all details are given below.
Post:Fusion Physiotherapy Ltd
Elgin City Football Club
Borough Briggs Road
Telephone: 07535 457525
Our cookies help us:
You can learn more about all the cookies we use below
There is no way to prevent these cookies being set other than to not use our site.
You can usually switch cookies off by adjusting your browser settings to stop it from accepting cookies (Learn how here). Doing so however will likely limit the functionality of our's and a large proportion of the world's websites as cookies are a standard part of most modern websites
It may be that you concerns around cookies relate to so called "spyware". Rather than switching off cookies in your browser you may find that anti-spyware software achieves the same objective by automatically deleting cookies considered to be invasive. Learn more about managing cookies with antispyware software.
The cookie information text on this site was derived from content provided by Attacat Internet Marketing http://www.attacat.co.uk/, a marketing agency based in Edinburgh. If you need similar information for your own website you can use their free cookie audit tool.