GDPR- Your privacy is (..and always has been!) really important to us!!

As you probably know by now on the 25th May 2018 new regulation is coming into practise that will govern how all organisations (including the Bexleyheath Osteopathic Practice) manage, store and use your personal data.

We thought, in order to be compliant, now would be a good time to reassure everyone about our policies.

Medical records have always been subject to stringent confidentiality guidelines, and when we take our case histories (which here, are recorded with pen and paper) we have always been obliged to keep them stored in a cupboard under lock and key. It is recommended that we keep notes for at least 8 years after we last see a patient, or until a child turns 25 years old. We afford the same level of privacy to all of the data we hold regardless of age.

These notes have only ever been accessible to staff members all of whom are trained about the importance of medical confidentiality. This remains the case, and is a responsibility we take very seriously.

On a first visit, when we take a patient’s initial case history it is obviously important (..and a General Osteopathic Council regulation) to take a certain amount of personal data such as name, address, age etc. We have never asked for (or stored) patients' email addresses as part of this process, but do ask for a preferred telephone number in order that we might contact people to send appointment reminders, or perhaps amend appointments if necessary. Some of these numbers are securely stored on mobile phones that require a passcode and finger print scan to access. Whilst we respect a patient’s right to request that we do not contact them, there are occasions that it might be necessary for the smooth running of the practice. We try to keep contact to a minimum.

If patients contact the practice by email, access to the email account is enabled to staff members only and password protected. Part of the reason that GDPR legislation has come into place is to stop organisations from inundating people with unsolicited “junk mail”. We do NO email marketing. We rely primarily on patient recommendations and people contacting us (by phone, but occasionally email) normally via our website.

Personal data has become a valuable commodity, and some companies sell what they hold for profit to third party organisations. Please be assured that we never have, and never will, partake in such activity.

I hope that this information outlines our commitment to GDPR compliance and gives you an idea about how seriously we take your privacy. I also hope that it reassures you that any information we hold, we do so as securely as possible, and only in order that we can supply the best possible service to our patients.

Thank you.


© Bexleyheath Ostepathic Practice 2013