What are cookies?
Cookies are small pieces of text sent to your web browser by a website you visit. A cookie file is stored in your web browser and allows the Service or a third-party to recognize you and make your next visit easier and the Service more useful to you.
Cookies can be “persistent” or “session” cookies. Persistent cookies remain on your personal computer or mobile device when you go offline, while session cookies are deleted as soon as you close your web browser.
When you use and access the Service, we may place a number of cookies files in your web browser.
To enable certain functions of the Service
To provide analytics
We use both session and persistent cookies on the Service and we use different types of cookies to run the Service:-
Essential cookies. We may use essential cookies to authenticate users and prevent fraudulent use of user accounts.
Analytics cookies. We may use analytics cookies to track information on how the Service is used so that we can make improvements. We may also use analytics cookies to test new advertisements, pages, features or new functionality of the Service to see how our users react to them.
In addition to our own cookies, we may also use various third-parties cookies to report usage statistics of the Service, deliver advertisements on and through the Service, and so on.
What are your choices regarding cookies?
Please note – however, that if you delete cookies or refuse to accept them, you might not be able to use all of the features we offer, you may not be able to store your preferences, and some of our pages might not display properly.
For the Chrome web browser, please visit this page from Google: https://support.google.com/accounts/answer/32050
For the Internet Explorer web browser, please visit this page from Microsoft: http://support.microsoft.com/kb/278835
For the Firefox web browser, please visit this page from Mozilla: https://support.mozilla.org/en-US/kb/delete-cookies-remove-info-websites-stored
For the Safari web browser, please visit this page from Apple: https://support.apple.com/kb/PH21411?locale=en_US
For any other web browser, please visit your web browser’s official web pages.
Where can you find more information about cookies?
You can learn more about cookies and the following third-party websites:-
Network Advertising Initiative: http://www.networkadvertising.org/
Our approach to your privacy
Harpenden Home Physio is committed to protecting your personal information. The privacy and security of your personal information is very important to us. We want to assure you that your information will be properly managed and protected whilst in our hands.
The information we collect and how we collect it
This information may include
• Basic personal details such as your name, date of birth, age, address, email address, telephone numbers, marital status and occupation.
• Sensitive personal information such as your current health, past medical history, family or personal history in relation to your health, prescribed medication, x-ray and scan reports,
• Relevant information about your health, lifestyle, weight, sports, hobbies, social circumstances.
• Information collected from 3rd parties – GP’s, specialists, other health professionals and private medical insurers who we will always seek your permission to contact if necessary.
• Details about the signs and symptoms you are presenting with and what we find on examining you.
How we use your personal information: the legal basis and purposes
We’ll process your personal data:
• As necessary to help us reach a diagnosis of your presenting problems and draw conclusions in order to tailor a treatment programme to you.
• As necessary for our own legitimate interests, for good governance, accounting, managing and auditing our clinical activities. To document emails, calls, other communications and activities.
• As necessary for compliance with legal and regulatory requirements, related disclosures and establishing and defending of legal rights.
• Based on your consent e.g. when you allow us to disclose your personal data and health information to another health professional, G.P, specialist.
Sharing of your personal data
Subject to applicable data protection law, your information may be shared with:
• G.P’s, Consultants, other health professionals. This may be by letter, which is given to you, so the protection of its contents becomes your responsibility. If the information is sent by email we will take all reasonable precautions to transmit the information securely.
• Our legal and other professional advisors.
• Courts, to comply with legal requirements.
• In an emergency or to otherwise protect your vital interests.
• To protect the security and integrity of our clinical practices.
• We will not provide your personal information to any third parties for the purpose of direct marketing.
Keeping your personal information secure
We work hard to keep your personal information safe. We are committed to protecting the confidentiality and security of the information you provide to us. We use appropriate measures to maintain the security of your personal data, to protect against unauthorised access to, disclosure of, unlawful processing/alteration of, accidental damage to, unlawful destruction of or loss of your personal information. All patient’s patient information and clinical notes are held securely in GDPR compliant electronic format and can only be accessed by the appropriate Physiotherapist.
We have a legal obligation to keep your personal information on file for 8 years after the date of your last attendance. After this time, all patients clinical notes held will be safely destroyed.
Your rights in connection with personal information
Under certain circumstances, by law you have the right to:
• Request access to your personal data and information about how we process it. This enables you to receive a copy of the personal information we hold and check that we are lawfully processing it.
• Object to processing of your personal data, where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground.
• Have your personal data corrected if inaccurate and have incomplete data completed. We may need to verify the accuracy of any new data you provide to us.
• Have your personal data erased. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it; where you have exercised your right to object to processing. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
• Move, copy or transfer your personal data. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use.
• You have the right to withdraw consent at any time eg. for us to communicate with your G.P. or to decline certain treatments, but this will limit how we can help you/what we can offer you. We will advise you if this is the case at the time you withdraw your consent. Withdrawing your consent will not affect the lawfulness of any processing carried out before you withdraw your consent.
Time limit to respond
We try to respond to all legitimate requests within one month. Occasionally it may take longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated. You will not have to pay a fee to access your personal information. However, we may charge a reasonable fee if your request for access is unfounded, repetitive or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
What we may need from you. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. Please let us know if your information changes as it is important that the information we hold about you is accurate and up to date.
You can contact Emily Firmin (Chartered Physiotherapist, Practice Principal and Data Protection Officer) at firstname.lastname@example.org to exercise any of your rights, or if you have a complaint about why your information has been collected, how it has been used or how long we have kept it for.
For further information about your rights, including circumstances in which they apply, see the guidance from the Information Commissioners Office (ICO) on individual’s rights under the General Data Protection Regulation