Our clinic management system is run and hosted by developers, BlueZinc, who are GDPR compliant. The Patient management software used is TM2. The servers that hold the patient data are hosted in the UK. All servers and cloud storage used by Warley Hill Physiotherapy Clinic that potentially hold any patient data are located within the United Kingdom and are GDPR compliant.
Warley Hill Physiotherapy Clinic is committed to ensuring that all your personal data is protected, and we endeavour to ensure any third-party links or organisations work in the same way.
What data Warley Hill Physiotherapy Clinic may collect, either via the website, telephone email or face-to-face
The data collected will be as follows: -
The data collected will be used for initial booking, Initial assessment, any or ongoing Physiotherapy and any financial requirements such as invoicing/billing and in retrieval of outstanding monies.
Any survey data collected, or survey form link being sent out after treatment, (if you have opted in), will be used to assess the quality of Warley Hill Physiotherapy Clinic and clinic facilities. You can opt out at anytime or do not fill-in the form.
All patient medical records are kept for a minimum of 8 years, in the case of minors, until the age of 21. This is in line with the BMA and HCPC recommendations
All financial records are kept for a minimum of 7 years as required by HMRC
We are fully Trustwave PCI DSS compliant. Card payments are taken over a dedicated network. We do NOT store card details or numbers. We will ask you for card details for each transaction whenever you wish to make a payment over the telephone.
No data is shared with third-parties unless a request is made by an agency acting on behalf of the patient, such as solicitor, insurance company, etc. or law enforcement agencies
You can make a data request at any time and we will endeavour to meet your request within the allowed 40 days. We can provide an electronic version free of charge but any paper copies or other delivery methods other than email may incur an administration charge.
Mentioned in Recital 30 of the GDPR regarding cookies states: -
NATURAL PERSONS MAY BE ASSOCIATED WITH ONLINE IDENTIFIERS, SUCH AS INTERNET PROTOCOL ADDRESSES, COOKIE IDENTIFIERS OR OTHER IDENTIFIERS. THIS MAY LEAVE TRACES WHICH, IN PARTICULAR WHEN COMBINED WITH UNIQUE IDENTIFIERS AND OTHER INFORMATION RECEIVED BY THE SERVERS, MAY BE USED TO CREATE PROFILES OF THE NATURAL PERSONS AND IDENTIFY THEM.
Cookies can be used to uniquely identify a person; therefore, we treat them as personal data. It will affect those identifiers used for analytics, advertising, but also those used for functional services like chats and surveys.
When you visit our website, www.brentwoodphysio.com, you will be greeted with a cookie consent pop-up. Here you can choose to opt-in any area and remain out of others. This can be changed at any time during your visit. It is important to note that remaining opted out of all the cookies will result in a limited experience.
Warley Hill Physiotherapy Clinic do not store these cookies and they are only used during your visit.