Your Personal Information -General Dta Protection Regulation (GDPR)
GDPR has brought in new legal protection for personal information from 25th May 2018. This tells you what personal information I hold and why and what your rights are.
The purpose of Processing Client Data
As a full member of the Association of Reflexologists (AOR), I abide by the AOR Code of practice and Ethics. In order to give professional reflexology treatments I will need to gather and retain potentially sensitive information about your health. The lawful basis under which I hold and use your information is to provide you with the best possible treatment options and advice. The information to be held is
1. your name and contact details
2. Medical history and other health related information
3 Treatment details and related notes after each consultation.
I will not share your information with anyone else without explaining why it is necessary and getting your explicit consent. If I am treating you as a referral I may share certain information with the person referring you or your GP.
How long I retain your Information
I will keep your information for the following periods
1. 'claims occurring' insurance requests -records to be kept for 7 years from date of last treatment.
2. law regarding childrens records -records to be kept until the child is 25, or if 17 when treated. then 26.
Your data will not be transferred outside the EU.
Protecting Your Personal Dta
I am committed to ensuring that your personal data is secure. In order to prevent unauthorised access or disclosure , I have put into place appropriate procedures to safeguard and secure your data. I will contact you using the contact preferences you give to me in relation to
1. appointment times
2.Reflexology information or information related to your health.
GDPR gives you the following rights
1. the right to be informed -to know how your information is being used.
2. the right of access to the information held
3. the right to rectification
4. the right to erasure
5. the right to restrict processing of personal data
6.the right to data portability
7. the right to object
8. the right to lodge a complaint to the Imformation Commissioner's Office (ICO)
Full details of your rights can be found at at www.ico-org.uk