Let's talk about GDPR...
What is GDPR?
I'm afraid this month's blog is a bit on the boring (but necessary) side!
You've probably been seeing "GDPR" around a lot recently, and even if you haven't, you may have noticed that you've been getting lots of notifications and emails about everyone's changing privacy policies or asking for your consent to continue to email you. So what's going on?
GDPR stands for General Data Protection Regulations. They are replacing the Data Protection Act (1998), coming into effect from 25th May across all EU countries. They are there to ensure that our personal data is stored lawfully. They are regulated by the Information Commissioner's Office (ICO).
What does this mean for me?
Essentially, it means that anyone who stores personal data (i.e. data that could identify someone) has to have policies and procedures in place to keep data safe. There's A LOT of information regarding GDPR but here are some key points:
Safely and securely process and store data
Only process data for as long as it is necessary
Only process data that is needed (for example, we never store data about religion or sexuality as it is not necessary for us to provide our service to you!) and make sure that the data is accurate
Only use data for lawful reasons
Gives you more control over your data and how it is used
You will have to OPT IN to any marketing (yay, less junk mail!)
How is Gillingham Chiropractic GDPR compliant?
At Gillingham Chiropractic Clinic we take protecting your data seriously and we are well on our way to becoming GDPR compliant. If you are a current patient of ours, you will be hearing from us shortly to ensure that you are still happy to receive appointment reminders and any emails from us (please note you can opt out at any time). We will also be sending you a copy of our privacy policy.
It is also important to note that because we are aiming to eventually go paperless, a lot of our data is cloud-based. Because of this we will only use services that are also GDPR compliant.
Because Gillingham Chiropractic Clinic processes health data, there are some GDPR rules that don't apply to us. So please note that by law, we are required to keep health records for a period of 8 years after the date of your last appointment with us. For patients under the age of 18 we are required to keep them until the person's 25th birthday (or until their 27th birthday if they were aged 17 at the date of their last appointment).