Briganti Physiotherapy understands that your personal data is entrusted to us and appreciates the importance of protecting and respecting your privacy. To this end we comply fully with the data protection law in force in the UK (“Data Protection Laws”) and with all applicable clinical confidentiality guidelines including those published from time to time by the CSP and HCPC.
Briganti Physiotherapy believes that everyone has a rigth to privacy and will never sell or trade any information gathered through e course of our business with our clients
For the purpose of Data Protection Laws, the data controller is Nathan Briganti, Briganti Physiotherapy, 14 Dollywagon way, Bamber Bridge, Preston PR5 6EW . Our company Registration number is 12270979 .
When we refer to ‘we’, ‘us’ and ‘our’, we mean Briganti Physiotherapy.
When we refer to personal data in this policy, we mean information that can or has the potential to identify you as an individual.
Accordingly, we may hold and use personal data about you as a customer, a patient or in any other capacity, for example, when you visit one of our websites, complete a form, access our services or speak to us. Depending on what services you receive from us this may include sensitive personal data such as information relating to your health.
Personal data we collect from you may include the following:
Where you use any of our websites, we may automatically collect personal data about you including:
In the interests of training and continually improving our services, calls to Sports and Spinal Physio and its agents may be monitored or recorded.
We may collect personal data about you from third parties such as:
Sensitive personal data related to your health will only be disclosed to those involved with your treatment or care, or in accordance with UK laws and guidelines of professional bodies or for the purpose of clinical audits (unless you object). Further details on how we use health related personal data are given below. We will only use your sensitive personal data for the purposes for which you have given us your explicit consent to use it. Please note that, although we have set out the purposes for which we may use your personal data below, we will not use your sensitive personal data for those purposes unless you have given us your explicit consent to do so.
We may use your personal data to:
We protect all personal data we hold about you by ensuring that we have appropriate organisational and technical security measures in place to prevent unauthorised access or unlawful processing of personal data and to prevent personal data being lost, destroyed or damaged. We conduct assessments to ensure the ongoing security of our information systems.
Any personal data you provide will be held for as long as is necessary having regard to the purpose for which it was collected and in accordance with all applicable UK laws.
All information you provide to us is stored securely. Any payment transactions on our website will be processed securely by third party payment processors. Where we have given you (or where you have chosen) a password that enables you to access certain parts of our website or online exercise catalogue, you are responsible for keeping that password confidential. We ask you not to share a password with anyone.
The transmission of information via the internet cannot be guaranteed as completely secure. However, we ensure that any information transferred to our websites is via an encrypted connection. Once we have received your information, we will use strict procedures and security features for prevention of unauthorised access.
At your request, we may occasionally transfer personal information to you via email, or you may choose to transfer information to us via email. Email is not a secure method of information transmission; if you choose to send or receive such information via email, you do so at your own risk.
In the usual course of our business we may disclose your personal data (to the extent necessary) to certain third party organisations that we use to support the delivery of our services. This may include the following:
Where a third party data processor is used, we ensure that they operate under contractual restrictions with regard to confidentiality and security, in addition to their obligations under Data Protection Laws.
We may also disclose your personal data to third parties in the event that we sell or buy any business or assets or where we are required by law to do so.
External practitioners: If we refer you externally for treatment, we will share with the person or organisation that we refer you to, the clinical and administrative information we consider necessary for that referral. It will always be clear when we do this.
Your GP: If the practitioners treating you believe it to be clinically advisable, we may also share information about your treatment with your GP. You can ask us not to do this, in which case we will respect that request if we are legally permitted to do so, but you should be aware that it can be potentially very dangerous and/or detrimental to your health to deny your GP full information about your medical history, and we strongly advise against it.
Your insurer: We share with your medical insurer information about your treatment, its clinical necessity and its cost, only if they are paying for all or part of your treatment with us. We provide only the information to which they are entitled. If you raise a complaint or a claim we may be required to share personal data with your medical insurer for the purposes of investigating any complaint/claim.
Medical regulators: We may be requested – and in some cases can be required – to share certain information (including personal data and sensitive personal data) about you and your care with medical regulators such as the HCPC/CSP, for example if you make a complaint, or the conduct of a medical professional involved in your treatment is alleged to have fallen below the appropriate standards and the regulator wishes to investigate. We will ensure that we do so within the framework of the law and with due respect for your privacy.
From time to time we may also make information available on the basis of necessity for the provision of healthcare, but subject always to patient confidentiality.
In an emergency and if you are incapacitated, we may also process your personal data (including sensitive personal data) or make personal data available to third parties on the basis of protecting your ‘vital interest’ (i.e. your life or your health).
We will use your personal data in order to monitor the outcome of your treatment by us and any treatment associated with your care..
We may participate in national audits and initiatives to help ensure that patients are getting the best possible outcomes from their treatment and care. The highest standards of confidentiality will be applied to your personal data in accordance with Data Protection Laws and confidentiality. Any publishing of this data will be in anonymised, statistical form. Anonymous or aggregated data may be used by us, or disclosed to others, for research or statistical purposes.
In the interest in providing comparable clinical outcome and performance data to the public across independent sector providers in healthcare, many independent hospital operators – are required by law to provide activity data, including some personal data, as set out in more detail below, for publication by The Private Healthcare Information Network (PHIN). Currently we are not required by law to provide such data however please be aware that in due course this law may come into effect for small clinical practices like ours.
PHIN is responsible for collecting, processing and publishing information on the quality and cost of privately-funded healthcare in the UK. The publication of this information is intended to:
Providers must provide to PHIN with details of each episode of care, including a summary of each record of treatment including; the dates when each patient was in hospital, what treatment was carried out and by whom.
Providers are also required to provide: patient satisfaction survey data, Patient Reported Outcome Measures (PROMS) – patient reported health improvements following treatment and details of any adverse events relating to the patients treated.
Data Protection Laws give all individuals the right to make a ‘Subject Access Request’ to obtain a copy of any information that any organisation holds about them. See Accessing and updating your information below for more details.
We may also use other companies to set cookies on our websites and gather cookie information for us – please refer to the information detailed below. From time to time we may also analyse Internet Protocol (IP) addresses or other anonymous data sources.
By law, website operators are required to ask for a website user’s permission when placing certain kinds of cookie on their devices for the first time.
Where consent is required, the law states that it should be “informed consent”, which means we must ensure that you understand what cookies are and why we want to use them.
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity.
Cookies do lots of different jobs, like letting you navigate between pages efficiently, remembering your preferences, collecting information on how visitors use a website and generally improving your user experience.
They can also help to ensure that adverts you see online are more relevant to you and your interests.
You block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential Category 1 Cookies) you may not be able to access all or parts of our websites. For information on how to delete cookies, please refer to: use https://ico.org.uk/for-the-public/online/cookies
You have the right to ask us not to process your information in this way at any time. If you no longer wish to receive web based marketing information you can unsubscribe by emailing email@example.com For non-web based marketing information please write to: Sports and Spinal Physio 24 Tallon Road Hutton CM13 ITE.
We would ask you to give us a reasonable amount of notice, to give us time to update our systems. While the precise timings vary by department we generally ask that you give us at least 30 days’ notice.
The law gives you certain rights in respect of the personal data that we hold about you. In addition to your right to stop marketing, detailed above, below is a short overview of the most commonly-used rights. It is not an exhaustive statement of the law.
With some exceptions designed to protect the rights of others, and subject to payment of a small administrative fee (currently £10, or up to £50 for paper-based health records), you have the right to a copy of the personal data that we hold about you
You have the right to have the personal data we hold about you corrected if it is factually inaccurate. It is important to understand that this right does not extend to matters of opinion, such as medical diagnoses. If any of your personal data has changed, especially contact information such as: email address, postal address and phone number please get in touch with Sports and Spinal so we can ensure your personal data is kept up to date
If you want to exercise your rights in respect of your personal data, the best way to do so is to contact us by email on firstname.lastname@example.org or to write to us for the attention of the data protection officer at the address below. In order to protect your privacy, we may ask you to prove your identity before we take any steps in response to such a request.
Data Protection Officer, Sports and Spinal Physio, 24 Tallon Road, Hutton, CM13 ITE.
If you are not satisfied with how we handle your request, you can contact the Information Commissioner’s Office on 0303 123 1113 or visit their website (http://www.ico.org.uk).
Sports and Spinal Physio
24 Tallon Road