GENERAL DATA PROTECTION REGULATION (GDPR)
25 MAY 2018
We have to collect specific data from patients to enable us to help you and to comply with the law.
The GDPR legislation tells us to clarify what information we collect from you and what will happen to it.
Under the old legislation we were registered with the Information Commissioner’s Office (ICO) as we keep your name, date of birth and address on our computer. This is collected and stored for contact and payment purposes. This will not change.
Medical information is collected and stored safely in a paper format. This obviously contains very personal information and is subject to strict rules about sharing. The only information shared is when a report / letter is sent to your GP, Consultant or similar medical individual (x-ray or MRI request for example) with your permission and to Solicitors in specific circumstances, with your permission. If you have medical insurance there are times when very limited information has to be shared with them to comply with their rules / agreements that they have with you in order for us to request further treatment.
Medical records must be kept for 7 years after your last treatment, or in the case of those under 21, until they are 27 (assuming they have not returned for treatment after the age of 21). Then they are destroyed. There is a statutory number of years we must keep medical records after a patient dies.
Please do ask if you have any queries.