General Data Protection Regulation (GDPR) Patient Information


To protect your privacy and confidentiality all personal and sensitive information about you is collected, held and used in strict compliance with the General Data Protection Regulation (GDPR).


What is personal and sensitive data?

Personal data is data that can be used to identify you. This may include your name, date of birth, address, email address, contact number, source of referral etc. Sensitive personal data is information related to any of the following: racial or ethnic origin, political opinions, religious beliefs, trade union membership, health, sexuality or sex life, offences and/or convictions.

How do we collect your data?

We collect data in a number of ways, depending upon the situation:

• Over the telephone e.g. to confirm details of your personal information, treatment status, referral source, appointment time and date etc.

• By mail or email e.g. in response to an enquiry by you

• Through the website e.g. if you contact us via our "contact us” page with an enquiry

• Face to face during your appointment

• At the point of referral from an external source e.g. through an insurance intermediary or doctor that may be referring you.


How do we store your data?

You electronic records are stored securely and password protected using a system called Powerdiary. This is a specialist programme designed to record and store medical records safely. Your contact and billing information is accessible to our physiotherapists and administrators. The medical information recorded during your appointment can only be accessed by Horsham Physiotherapy & Sports Injury Clinic Chartered Physiotherapists for the purpose of your treatment or to audit our own record keeping to ensure that we meet the required professional standards.

How do we use your data?

Your data will primarily be used for the purpose of providing you with physiotherapy assessment and treatment. To help maintain high standards of practice we may contact you to invite you to participate in a patient satisfaction surveys. At no time will we share information about you with third parties such as other health care professionals or insurance companies without your written permission.


Can you withhold your consent?

As medical professionals we have a legal responsibility to keep accurate clinical records in line with the Chartered Society of Physiotherapy and Health and Care Professions Council (HCPC) standards. Without your consent to keep these records we will be unable to treat you.


Why might we share your personal and sensitive data and who might we share it with?

We will only ever share your information with your permission, for the purposes we have stated (unless required to do so by law).

How can you find out what information we hold about you?

You have a right to ask for a copy of your information and to correct any inaccuracies. On request Horsham Physiotherapy & Sports Injury Clinic will supply to you a copy of your personal and medical data. The first copy will be provided free of charge, but additional copies may be subject to a reasonable fee.