Privacy Policy - Romsey Chiropractic Clinic

Here at the Romsey Chiropractic Clinic we take your personal data as seriously as we take your health, and we adhere strictly to current GDPR legislation.

What this means is that we will:

only record information that is needed to identify and to safely assess, examine, diagnose and treat you. We keep this is in paper format in confidential files, which live in lockable filing cabinets, and never leave our secured clinic at night. Your contact details are stored on a Practice Management System which adheres to EU and UK legislation regarding security and which has password protected controlled access. We back-up these contact details on a secured portable hard-drive, just in case. Only reception staff and relevant Clinicians (Chiropractic / Massage) have access.
only record financial information that is relevant to paying for your treatment, and to maintain accounting records that keep HMRC happy. We do not store your bank details.
never disclose information about you or your health to a 3rd party without your permission; this includes your GP (unless there is a rare legal requirement to do so, or we have agreed to refer you for further tests such as MRI or to another health professional).
only communicate with your insurance company if you have provided us with an authorization number from them to see us. As such your insurer will have their own records of your personal data and the reason for your visit to the clinic, and we may be required to share information with them that is relevant to us being paid our fee.
only use your data to communicate with you to remind you of an appointment or to follow-up on your progress where relevant. We never send you e-mails or texts for marketing purposes.

As we are regulated by statute, we are obliged to keep your health records for a period of 8-years after your last visit to see us, or until your 25th birthday if you are under 16, after which they may be destroyed. Your contact details may be kept for a longer period, but you have the right to request we delete the information we hold about you, provided it does not interfere with our legal requirements (NHS Record Management Code of Practice for Health and Social Care 2016).

If you would like further information, please request a detailed copy of our Privacy Policy (2018).