Introduction: user and patient privacy
What information do we collect about you?
You are free to browse our MSC Osteopathy website without disclosing any personal information.
Personal information about you that you provide when you contact us or attend an appointment, including yours (or your animal’s) name, title, billing address, contact information (such as your telephone number and email address) and a medical history, is stored on our electronic cloud system Cliniko (who also comply appropriately with UK GDPR laws).
Our reception line is run by a virtual reception company (Verbatim) in Newbury, UK. If you contact us via our reception line, they will request your name, email address, and mobile telephone number to the appointment. However, Verbatim and their employees are unable to access any further information at a later date, as their access is limited to bookings only.
Medical record keeping: We have our insurance policy with the Institute of Osteopathy (iO) and Balens. It is a condition of our Insurance Policy and governing body that we take and retain client records:
Osteopathic Practice Standard D5 (3) says that we should keep patient record for a minimum of eight years after your last consultation, if the patient is a child, until their 25th birthday. After which, records will be destroyed.
We work closely with other healthcare professionals, to ensure that the very best service can be provided for you (and your animals) needs. However, before speaking to any professional, you will be asked to give written consent. This is to ensure that we know you are happy with the data that we share and the depth of information being discussed.
In regards to animals, we are required to gain a Veterinary referral according to the Veterinary Surgeon act 1966, prior to attending the initial consultation.
Security and privacy when processing of your personal information
At MSC Osteopathy, we understand that security is an important concern for you. Information you give us will be stored securely on our computer systems. Moreover, all team members use password protected computers to ensure that all your personal details remain confidential.
MSC Osteopathy complies with all applicable Data Protection legislation and we never show information about patients (human or animal) without written consent. Our security technologies and procedures are regularly reviewed to ensure that they are up to date and effective.
Unfortunately, the transmission of information via the internet is never completely secure. We therefore cannot guarantee the security of any information transmitted to or from our website or via email communications. Any transmission is undertaken at your own risk, and you should ensure that your payment transactions are made in a secure environment. You should keep confidential any personal security codes and passwords, and comply with any instructions that we may give you in order to keep such details confidential and safe.
How do we use your information?
We may use information about you in the following ways:
a) To provide you with information about MSC Osteopathy, your appointments and any invoices that you incur, which are necessary for you as a patient
b) To carry out our obligations arising from any contracts entered into between you and us – such as our Terms & Conditions
c) To allow you to participate in interactive features of our service, when you choose to do so – such as online bookings and exercise plans
d) To notify you about changes to our services or clinic, such as opening times or practitioner details;
Please note that we will never sell or share your details to any third parties unless agreed with you.
When would we disclose your information?
We may disclose your personal data to third parties if:
a) We are under a duty to disclose or share your personal data in order to:
i) comply with any legal obligation
ii) enforce our terms and conditions
iii) protect our rights and property or our safety and that of our customers and third parties.
This includes exchanging information with other organisations for the purposes of credit risk reduction.
b) We are bound as professionals, under a duty to disclose, to comply with any legal obligations and responsibilities surrounding the protection of life. This duty would be actioned in the event that a patient discloses to a practitioner that they may harm either themselves or others, be that an adult or a child.
c) Failure of the owner or carer to comply with the Animal Welfare Act 2006 would also result in personal data to be disclosed to the appropriate third party. This includes any serious shortcomings relating to owner/carer responsibility to:
i) provide a suitable environment
ii) provide a suitable diet
iii) ensure the animal is able to exhibit normal behaviour patterns
iv) ensure the animal is housed with or apart from other animals (based on animal needs)
v) ensure the animal is protected from pain, suffering injury and disease
d) The patient gives us permission to share information with a third party.
Accessing your information
You have the right to, at any time:
a) Access the information we hold about you in accordance with the Data Protection Act 1998
If you would like a copy of some or all of the personal information we hold on you, you can email firstname.lastname@example.org. Any access request may be subject to a nominal fee to cover our costs of our time.
b) Ask for your information to be corrected or updated