What is GDPR?
The General Data Protection Regulation (GDPR) replaces the existing data protection framework under the EU Data Protection Directive. It is an EU Directive which enhances protection for consumers and creates new obligations for physiotherapists who collect and store data on patients.
Why do you collect and how do you use my personal information?
We collect this as part of your medical records when we assess and treat you for a painful condition. We keep this information as details of successful treatment plans and previous rehabilitation strategies may improve our understanding and inform future injuries that you may present with, which is of benefit to you when you return to us with a recurring injury.
We use your email address and mobile number to contact you with your receipts, your appointment reminders, and home exercise plans, and to follow up with you during the management of your injury.
Do you share my personal information?
We do not share your personal information with any third parties. Your personal information and treatment notes are securely hosted on a physiotherapy specific practice management software package.
If we need to correspond with another Healthcare Practitioner on your behalf, eg your GP or a consultant, we will obtain your consent in advance to do so.
For how long do you retain my personal information?
We operate in accordance with the Irish College of General Practitioners’ guidelines:
“In general, medical records should be retained by practices for as long as is deemed necessary to provide treatment for the individual concerned or for the meeting of medico-legal and other professional requirements. At the very least, it is recommended that individual patient medical records be retained for a minimum of eight years from the date of last contact or for any period prescribed by law. (In the case of children’s records, the period of eight years begins from the time they reach the age of 18).”