Privacy Notice

PRIVACY NOTICE

You can visit my web site without telling me who you are and without revealing any information about yourself. However, there may be occasions where I do ask you to provide certain information by which you can be identified when using this website.
However, you can be assured that any information you provide will only be used in accordance with this privacy statement and I am committed to ensuring that your privacy is protected.

You may wish to provide your information when:

· You choose to contact me for an appointment.

· To request information from me.

Data that I collect.
·         Your name.
·         Your contact information including a telephone number and E-Mail address.
·         A brief reason for requesting an appointment.

What will I do with the data you provide?

It allows me to provide you with the information requested and or to offer you an appointment and provision of service.

Your data will be used to enable me to contact you with your requested service.
Should you book and attend an appointment your data will be transferred to your clinical record. If you do not wish to make an appointment your E-Mail containing your data will be deleted.

Security of your data.

I am committed to ensuring that your information data is securely protected.   I have electronic security measures in place to ensure that your data is protected against unauthorised access, loss or destruction.

Web links.

My website may contain links to other websites of interest. However, once you have used these links to leave my site, you should be aware that I don’t have any control over the other website.Therefore, I cannot be responsible for the protection and privacy of any information which you provide whilst visiting these sites.   I strongly suggest that you read any privacy notice attached to an individual site.

INFORMATION WHICH APPERTAINS TO YOUR DATA COLLECTION:

When you make an appointment ,I will request and record specific data from you, which is required to establish your medical healthcare record.

I have set out below the type of data that I require for your assessment and treatment in respect of clinical hypnotherapy and / or Reiki.

Data Controller: Louise Oliver Hypnotherapist and Wellbeing Practitioner.

Lawful basis

My Lawful Basis for collecting, recording, storing and using your data is “Legal obligation”. However, I access other lawful basses for certain criteria, as listed below:

Legal Obligation

I have determined that my lawful bases is “Legal Obligation” which represent my activity in regards to the Practitioner and client relationship and my relationship with a client’s medico-legal intermediary, health insurance Provider, solicitor and/ or health care professional.   Therefore, I have a statutory requirement to record, collect, store and use your data.

Performance of a Contract

Should I be in a position to offer you a credit/debit cards service then I will process your payment details via this lawful basis.

Consent

Please note, that on your first appointment, you will be provided with a laminated version of my privacy notice and you will be required to read and sign a further two forms:

1.     Data consent form.
2.     Terms and Conditions and Treatment consent form.

What information is being collected?

Information provided by you and recorded by me will consist of personal identifiable information and sensitive personal data regarding your health and wellbeing.

Personal details:
·         Name, date of birth, postal address, telephone numbers and your E-Mail address.

Sensitive health related details:
·         Presenting condition, general health history, medications and any allergies.
·         Your Doctors details and any other Professional involved in your care.
·         Health insurances and medic-legal intermediaries involved in your care.

Lifestyle activities:

Sports, hobbies, accommodation details, employment details, sleeping and eating behaviours, pet ownership, smoking and alcohol consumption.

Assessment and treatment details:

Health related notes will be compiled of your assessment, treatment and your progress in respect of any professional treatment and/or therapy provision that you have requested and undertaken.

Payments history:

·Details of your payments and methodology are recorded on our Tax records for submission to our accountants and HMRC.

Who is collecting it?

I, as the practitioner looking after you, will collect your data.

How is it collected?

Data which is freely and voluntarily provided by you will be stored in hard copy under lock and key. Your email address will be stored in my Dropbox account and e-mail account for ease of contact.

Why is it being collected?

To formulate a medical health care record including any clinical and/or therapeutic treatment interventions recorded in your treatment plan.

How will it be used?

Your records are stored solely for the purpose of maintaining a medical record. Your medical records are designed to keep a historical and up to date evidence base of your health care provision, progress and rehabilitation.

Who will it be shared with?

Your data will not be shared with any other party unless you request it to be shared and you provide your consent for us to do so.

With your consent, I may share your data with your GP and/or another allied Health Care Professional for consulting and referral purposes and for obtaining a second opinion.

Any medico-legal organisation, health insurance provider and/or solicitor referring you will have obtained your consent for us to report certain data back to them on a standard medico-legal reporting template or a clinical letter.

If requested, I am legally bound to share your data with any lawful and/or Crown agency that requests access to your data via appropriate data release requests.

I provide my accountants and HMRC with my taxation records on a yearly basis. Information sent to these organisations will consist of your initials and your reference to your payment methodology such as: your bank, cheque no, cash payment, BACS and/or credit and debit card transaction.

My Accountants

Accounting Connexions Ltd, Doncaster

What will be the effect of this on the individuals concerned?

To promote and enhance your healthcare, improve the quality of your life and provide health care protection and safety.

Is the intended use likely to cause individuals to object or complain?

No, because the clients’ healthcare and wellbeing is the basis of my business and therefore, I always act in the best interests of the client.
If I need to write to your GP or NHS Health Care Professional then I will discuss my clinical reasoning for this activity and request you to sign a third party consent form.

When I complete a medico-legal template supplied by the referring organisation then I will report honest factual information which is objective and supported with clinical reasoning.

How is my data protected?

Hard copies of hand written notes are kept under lock and key. My software programmes are protected with software which is constantly updated by the manufacture to meet any new cyber threats.   Policies and processes are in place and a range of structural security is present.

·         Under the General Data Protection Regulations (GDPR) you have individual rights:

1.     The right to be informed
2.     The right of access
3.     The right of rectification
4.     The right of erasure
5.     The right to restrict processing
6.     The right to data portability
7.     The right to object
8.     Rights in relation to automated decision making and profiling

How long do I keep your medical records?

Personal information that I process for any purposes shall be not be kept for longer than is necessary for the purpose or those purposes.I am legally bound by statutory requirements to hold your data for:

·         Adults: I keep your medical and treatment records for a period of 8 years from the date of your last appointment.

·         Children: I keep your records until you reach the age of 25.

There may be occasions where I need to keep your records for an indefinite period of time and I may withhold personal information that you request to the extent permitted by law.
I may also retain your personal information where such retention is necessary for compliance with a legal obligation to which I am subject, or in order to protect your vital interests or the vital interests of another natural person.

Controlling your personal information

I do not sell or distribute your information to any other organisation unless you have consented and/or contracted us to do so.

If your personal and sensitive data should change then please inform me immediately in order for me to update your personal records and clinical notes.   I have a duty under GDPR to inform all other parties of any such changes.

If you wish to contact me for any aspect in regards to your data, you may do so by contacting me by E-Mail at the address below:

Louise Oliver
info@louiseoliverhypnotherapy.co.uk
www.louiseoliverhypnotherapy.co.uk

If you wish to make a complaint

If you wish to complain about the manner in which I have handled, recorded, stored and or used your data then you may do so by contacting:

Information Commissioners Office
Wycliffe House, Water Lane
Wilmslow, Cheshire
SK9 5AF
Tel No 0303 123 1113
Fax 01625 524510
E-Mail www.ico.org.uk

Last updated:22/5/20

Louise Oliver Hypnotherapy Health and Wellbeing