Privacy Policy and Data Retention Statement
At NUMBER FOUR, your privacy and the security of your personal data are of paramount importance. We are fully committed to complying with the General Data Protection Regulation (GDPR), which became effective on May 25, 2018. Our clinic, "The Four," situated in London, offers comprehensive healthcare services through our team of dedicated professionals, including GPs, osteopaths, and psychotherapists.
We aim to be fully compliant with current GPDR legislation and to let you know how we use and protect the data you’ve given us. GDPR replaces the previous Data Protection Act. We wish to be transparent with regard to the processes we have in place. Identifiable information if shared will only be used in accordance with this privacy statement. We follow guidance from our governing bodies.
As private practitioners, we are considered the data processor and controller in our practices. As data controllers, we process some of your personal data. During the assessment process information such as next of kin, family members and medication are gathered and held. This is anonymised, coded and securely stored. No one but us can access this information.
Data Processing means obtaining, recording or holding information. The definition is very wide, and most of what we do involves a degree of processing. We process the personal data we have collected as controller. We maintain records of personal data and processing activities and hold responsibility should there be a breach.
Our GDPR Compliance Highlights:
* Data Security: We have established stringent data security measures to protect the confidentiality and integrity of patient information. This encompasses encrypted data storage, restricted access, and regular security assessments.
* Consent: Patients are informed and explicitly consent before the collection and processing of their personal data. We maintain detailed records of these consents.
* Data Minimization: We collect and retain the minimum necessary data for the provision of healthcare services, securely disposing of any data no longer required.
* Transparency: We provide clear and concise privacy notices to our patients, explaining their rights and how their data is utilized.
* Data Portability and Access: Patients have the right to access their data and request its portability. We promptly and securely facilitate these requests.
* Data Protection Officer: At NUMBER FOUR we have appointed a dedicated Data Protection Officer who oversees our GDPR compliance efforts.
Clinical will
In the event of a sudden cessation of practice eg through an accident or death, we have appointed a professional executor who manage things on our behalf. This is arranged for your welfare as our client and every step is taken to ensure GDPR standards are met.
Agreement:
Having read, understood and discussed the above, all parties are satisfied with regard to consent and the data and privacy policies. We agree on why we have collected and kept specific data and what we do with it. You may withdraw consent at any time without detriment. We will regularly review consent with you to check that the relationship, the processing and the purposes have not changed.
We appreciate the trust you place in us to deliver healthcare services, and we remain committed to upholding the highest GDPR compliance standards in our healthcare provision at NUMBER FOUR.