When you supply your personal details to this clinic they are stored and processed for 3 reasons:

  1. We have a legal obligation to maintain medical notes in order to provide you with treatment.
  2. We also think that it is important that we can contact you in order to confirm or change your appointments with us or to update you on matters related to your medical care. Under the GDPR (General Data Protection Regulations), this is known as Legitimate Interest.
  3. Provided we have your consent, we may occasionally send you news related to the practice, special offers or general health information in the form of articles or advice. You may withdraw this consent at any time – just let us know.

We have a legal obligation to retain your medical records for 8 years after your most recent appointment (or age 25, if this is longer), but after this period you can ask us to delete your records if you wish. Otherwise, we will retain your records indefinitely in order that we can provide you with the best possible care should you need to see us at some future date. Your medical records are stored on paper, in locked filing cabinets, and the offices are always locked and alarmed out of working hours. We will never share your data with anyone who does not need access without your written consent.

Only the following people/agencies will have routine access to your data:

  • Lydney Osteopath practitioners in order that they can provide you with treatment.
  • The virtual receptionist company ‘Professional Call Minders’ (who have given us their assurances that they are fully compliant with the General Data Protection Regulations) because they organise our practitioners’ diaries, and coordinate appointments and reminders (but they do not have access to your medical history or sensitive personal information)
  • Other administrative staff, such as our bookkeeper. Again, administrative staff will not have access to your medical notes, just your essential contact details.

Contact details are stored on our office computers and these are password-protected, backed up regularly, and the office is locked and alarmed out of working hours. If the computer is removed from the office it is done so in a locked case and kept securely out of sight while in transit and stored securely at home.

Card payment receipts In case of any enquiries regarding payments card payment receipts are kept securely stored for 3 months in a locked cash box within the office that is locked and alarmed out of working hours, after which they are shredded.

This document was last updated on April 2018