This policy relates to Maidstone Physiotherapy and Sports Injury Clinic Limited (MPSIC).
Types of information we collect
We may collect information from you which can be used to identify you, such as your name, address, date of birth, email address, telephone number(s), medical insurance membership and authorisation numbers. We may also hold GP and consultant information, and details of treatment provided, which may include sensitive medical information.
Information will be collected:
- When you contact the Clinic to book an appointment
- Throughout your treatment with us
- When your personal information changes or is updated (for example change of address)
- If you submit an enquiry to us via email, telephone or via our website
We may also receive information from a third party who books an appointment on your behalf, such as family members, insurance companies, doctors and consultants (e.g. referrals, medical reports, updates following appointments or procedures/surgery).
In some instances, it may be necessary for us to contact third party providers to supplement the personal information you provide to us (e.g. validate your medical insurance information when processing invoices) to help us maintain the accuracy of your data and provide you with a better service.
Personal information we collect automatically
When you use our website, we automatically receive information on our server logs from your browser or mobile platform, including your location, IP address, cookie information, and the page you requested.
We treat this data as non-personal information, except where we are compelled to do otherwise by law. This is statistical data about our users’ browsing actions and patterns and does not identify any individual. The Google Analytics Terms of Service prohibits the tracking or collection of personal information using Google Analytics, and we adhere to these terms. If you wish to opt out of being tracked by Google Analytics, we encourage you to look at the Google Analytics Browser Opt-Out Add-on which might serve your needs.
Collection and use of children’s personal information
We only collect personal and medical information required to treat children effectively; this information will be obtained from the parent or guardian chaperoning the child for their appointment. Records will be stored in line with Data Protection laws and all the confidentiality guidelines issued by professional bodies such as the Chartered Society of Physiotherapists and the Health and Care Professions Council.
What we do with your information
We hold personal details including medical information and we use this information for medical and internal record keeping; this information will only be kept as long as necessary to comply with UK law and the requirements of relevant professional bodies.
We do not share your personal information with third parties, other than medical professionals and insurance companies with your specific consent. The confidentiality of your personal information is of the utmost importance to us and we comply with Data Protection laws and all the confidentiality guidelines issued by relevant professional bodies.
We may use your personal information for the following purposes:
Clinic registration: We will use your name, address, date of birth, telephone number(s) and email address to register with MPSIC for the services we provide and to communicate important information to you. We may obtain additional personal information about you, such as address change and changes to your health information, correspondence from other health professionals and insurance companies throughout your treatment and also if you return to the clinic in the future to keep our records accurate.
Invoicing and insurance companies: When processing insurance claims on your behalf, name, address, date of birth and insurance authorisation codes will need to be provided to your insurance company to enable them to process the claim. This may be communicated in writing or by telephone.
Appointment reminders and clinic news: We may use your information to send confirmation and reminder emails of your appointments and for any correspondence relating to your treatment and payment therefor.
Response to legal requests: Requests from third parties (e.g. solicitors if there is a personal injury claim) for information relating to treatment received by you in this clinic will be processed only when we have written authorisation from you to provide such information.
We may send the occasional newsletter or email containing information of legitimate interest to you. You have the right to request to opt out of these communications.
Accessing your personal information: You have the right to access the personal data which we hold on you free of charge and we will provide this information within one month of receipt of request. If the request for data is complex or numerous, we reserve the right to extend this period by a further two months.
In accordance with applicable law and regulations, we are required to retain your medical information for 8 years from the date of your last treatment. Due to digitisation of our records, your personal data will not be deleted unless you specifically request this. If a patient is still a minor at the date of their last treatment, we are required to retain their information until their 25th birthday. You have the right within the GDPR to object to us using your personal information and you can ask us to delete, remove or stop using it as long as there is no other legal reason for us to keep it.
SECURITY OF YOUR INFORMATION
The security of your information is important to us. We have in place procedural and electronic processes to safeguard and protect your information. All our staff have a legal duty to respect the confidential information we hold, and access to this information is restricted to those who have a reasonable need to see it.
We provide reasonable security measures in connection with securing personal information held by us, including:
- We work to update our security practices to protect your personal data and we review our security procedures carefully;
- We comply with appropriate laws and security standards;
- We securely transmit your sensitive personal information;
- We train our staff and require them to safeguard your data;
- We transmit, protect and access all cardholder information in compliance with the Payment Card Industry?s Data Security standards.
|Session/Persistent||Up to 2 years||We use Google to improve your experience. Google tells us how people use this site so that we can make it better. It sets a number of cookies, including: APISID, HSID, NID, PREF, S, SAPISD, SID, SSID, TZ.|
|Google Analytics||Session/Persistent||Up to 2 years||We use Google to improve your experience. Google tells us how people use this site so that we can make it better. It sets a number of cookies, including: _ga, _utma, _utmb, _utmc, _utmz.|
|Maidstone Physio Clinic||Session/Persistent||Up to 1 year||We store a number of cookies that help us provide a great website experience. Some of these are for our content management system, others to enable our hosting provider to provide an optimal browsing experience. Cookies stored include: of_current_opt, viewed_cookie_policy, wordpress_logged_in, wordpress_test_cookie, wp-settings-2, wp-settings-time-2, wpe-auth.|
You can delete that cookie by clicking this link.
More information can be found by visiting the BBC website.
Book an Appointment
In order to ensure you are booked with the most suitable therapist, please complete the following information and our receptionist will contact you as soon as possible:
(Required fields marked with a *)