Currently we have to let you know how we use any information we hold for you and also need your written permission to share and send any of your information to third parties.
Under the GDPR there are additional things that we now have to tell you which include our lawful basis for processing the data and how long we keep it for. We also have to inform patients of their right to complain to the Information Commissioners Office (ICO) if you think there is a problem with the way we handle your data.
The GDPR includes the following six principles to follow that you should be aware of:
- Personal data should be processed lawfully, fairly and in a transparent manner.
- Personal data should be collected for specific purposes and not used for incompatible purposes.
- Personal data should be adequate, relevant and limited to what is necessary.
- Personal data should be accurate, kept up to date and errors erased or rectified.
- Personal data should be kept in a form that enables the identification of individuals for no longer than is necessary.
- Personal data should be kept secure.
As holders of your information we are obliged under GDPR to report any data breaches which may have a detrimental effect on individual patents to the ICO. These include any breaches that result in discrimination, damage of reputation, financial loss, loss of confidentiality or any other significant economic or social disadvantage.
Central Clinic intends to protect your information and our reputation by reviewing our policies and procedures to minimise the risk of any data breach. If a breach does occur we can assure all patients that this will be reported to the ICO and fully investigated.
Please be assured that Central Clinic has in place the necessary measures and safeguards to protect all of our patient information and that we are fully compliant with these new regulations.