Looking after your Personal Information
As of 25th May 2018 the General Data Protection Regulations (GDPR) replaced the Data Protection Act of 1998 and bringing regulations up to date and helping protect our personal information from our ever-expanding digital footprint.
My Data Protection Promise:
As the ‘Data Controller’ of your personal data, I take my role in the protection of your data very seriously. As such, I promise:
To only collect data from you that is relevant to your nutritional therapy.
Not to pass on your personal data to any third parties for marketing purposes.
To get your consent if I need to communicate with other healthcare professionals (such as your doctor) about your care.
To keep paper notes of your treatment records securely under lock and key in my office.
To maintain registration with the Information Commissioner’s Office, the UK’s independent body set up to uphold information rights: www.ico.org.uk
To ask your permission to send you information by open email.
Should you have any concerns about your personal data or wish to have information about the personal data I hold about you, you can contact me at firstname.lastname@example.org
Your Data Protection Rights under the GDPR:
As from May 2018 you have the right to:
Access any of the information that I collect plus any other content that forms part of your patient record, including notes and expect to be able to read them and understand what they mean without expert medical knowledge.
Know if your personal information has been forwarded to a third-party (such as a fellow healthcare professional, consultant or GP).
Have any invalid information about you corrected.
Have your personal data deleted by me if you so wish.
Prevent further use (or processing) of your information.
Ask me to send you personal information in an open electronic format, such as a text file.
Request that I stop sending you any marketing information.
Ensure that any profiling that is undertaken using your personal data is fair, appropriate, statistically valid and transparent.
Expect me to take appropriate measures to protect your data.
Be notified if critical information about you was inappropriately accessed and deemed a critical breach.
Not have your personal information transferred outside the UK.
Know how I am using your personal information.