Data Handling and Privacy Policy
This Policy explains when, why and how personal information is collected from and about people who attend appointments for homeopathic treatment. It also explains how that information is used and kept secure.
How is information collected from you?
I obtain information about you when you complete a client questionnaire prior to, or at, your first appointment. I also gather personal information as part of the homeopathic consultation to aid in understanding your state of health and well-being both currently and in the past. Communications outside of our meetings such as text and email may also be notated as part of case management.
What type of information is collected from you?
A written record is made of your current health concerns, health history and possible contributing factors to your state of health and well-being. The information provided by you during the consultation will be kept as a written record in order to inform clinical analysis and prescribing.
Who has access to your information?
The information I record about you is confidential and will only be shared if a) you have requested me to do so, in writing e.g. with doctors or other health professionals, or b) if I am required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
In the event that I have serious concerns for your personal safety or that of someone known to you I have a legal obligation to inform the relevant safeguarding authorities. If so, then I will inform you of this at that time.
In the event that your homeopathic treatment requires additional expert advice I may discuss your case with a registered supervisor. However your personal details will remain confidential and anonymised.
How your information is kept secure.
Security precautions are in place to protect the loss, misuse or alteration of your information. All paper records are kept under lock and key and electronic records are password protected. I will only contact you for the purpose of managing the therapeutic relationship and to aid in your treatment, unless otherwise agreed. Personal and private details will not be disclosed via text or email, unless requested by you, and you should also be aware that any personal and private data that you wish to send to me via text or email may not 100% be guaranteed as secure and protected.
You can amend your contact preferences at any time by contacting me via email or telephone.
Data Handling & Privacy Statement
Client Information
- All personal information is confidential. The only details that are shared (e.g. when booking appointments through a third party) are the person’s name and contact details
- The only occasions when personal information may be shared with a third party are either
a) as a legal requirement to prevent fraud or other crime
b) in order to ensure the personal safety of myself, the client or someone known to them
c) to maintain clinical excellence and professional guidance via a qualified and registered supervisor - All information is gathered solely for the purpose of analysing and prescribing
- Written records are made of consultations, analyses and prescriptions, as well as notes of communications between meetings
- Clients can request access to the information held on them but this must be in writing. Information must be provided to the client within 14 days
Client Contact
- Clients are contacted solely for the purpose of booking appointments and case management
- Clients are to be contacted via their preferred method of communication
- Details of private and personal information will be shared with the client on a one-to-one basis only (in person or by telephone) unless otherwise agreed
- Details of personal and private information will not be relayed via email or text unless requested. This is to avoid a third party being able to access this information
Security
- Written records are kept in the client file and stored under lock and key
- Electronic records and emails are password and security software protected
- Records will be stored for a period of seven years minimum following their final consultation (adults) or for seven years minimum following their eighteenth birthday (minors)
- In the event of a data breach when there has been an accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data the following actions must be followed:
- Alert the police if the data has been taken unlawfully
- Inform the ICO within 72 hours
- Keep a data processing record of action taken
- Inform your clients
Please fill in the sections below to agree that you have read and agree to both forms listed, for data protection compliance. Thank you