Sunlight Nutrition Limited takes our data protection responsibilities very seriously and will make every effort to keep your data safe.
1. Consent to store data
Dietetic Treatment cannot be provided without consent to store personal data.
Where a child, under the age of 16, is the patient a named parent or guardian with ‘parental responsibility’ must provide consent. GDPR sets that a child over the age of 16 can provide their own consent.
If an adult is unable to provide consent, due to illness, physical disability or reduced mental capacity the individuals’ next of kin or an individual with ‘lasting power of attorney’ may provide consent.
As Dietitians we are able to act ‘in the best interests’ of the patient and will make an individual assessment where required. In exceptional circumstances, where the patient is unable to provide consent we may contact other health care providers, e.g. GP to decide on the most appropriate person to provide consent.
2. What information do we hold?
We hold records for all of our patients. It is a requirement of the British Dietetic Association, our governing body, and of the Health and Care Professions Council (HCPC) that we store patient records.
It is recommended that adult patient records are stored for 10 years from our last contact and that we store paediatric patient records until the child is 28 years of age. If the child is still under our care at the age of 18 years and beyond the data will be stored for 10 years from the last contact as with adult records.
Our patient records include:
* Personal information including names, address, contact telephone numbers and email addresses, date of birth, next of kin details, GP details and any details of other health care professionals involved in the care of our patient.
* Medical History and Drug History
* Records of dietetic assessments, including telephone / online / email advice or information provided
* Copies of any letters / reports written by Sunlight Nutrition Limited
* Any correspondence from other parties relating to the patient
3. Email / Telephone / Website Enquiries:
If we receive any enquiry via the telephone, our website or via email the details will be stored for up to 6 months. This data will not be used for marketing purposes, simply to ensure continuity if we receive further communication from the individual.
After 6 months records from the website / emails / telephone contacts will be deleted / destroyed if no bookings have been made. If an enquiry becomes a booking the data will be stored as part of the patient record.
4. Data Sharing
Copies of letters and reports written by Sunlight Nutrition Limited are shared with GPs and other healthcare providers, schools and workplaces with permission of the patient and only if this is clinically indicated.
In exceptional circumstances information may be shared with Social Services or the Police if we felt that an individual was at risk. This would be in-line with local safeguarding policies.
Data will not be shared with any outside parties for the purposes of marketing.
5. Information Requests
An individual has the right to view or receive copies of the information we hold. Any requests for personal information will be dealt with promptly (within 30 days in compliance with GDPR). We are not able to provide original documentation or erase records until it has been stored for the recommended 10 years for adult patients and until the child is 28 years for paediatric patients (see section 2).
6. What are we doing to keep you data safe?
All paper records are stored in a locked filing cabinet in compliance with GDPR.
All electronic records / documents are password protected and any computers containing personal data are stored in a locked house / room / filing cabinet in compliance with GDPR.
Any personal information sent via email will be password protected.
7. Data Breaches
If a data breach was suspected or reported Sunlight Nutrition Limited would contact the Information Commissioners Office (ICO) to notify them of the breach and seek advice from them on how to manage this. Individuals affected would be informed in line with ICO policy.
8. Additional consent to store data for marketing purposes
With individual’s consent we store a list of contact names and email addresses. We will use this data to keep individual’s informed of our products and services.
Individual’s are able to opt out of this service at any time using the contact details below.
9. How to contact us
Our Data Protection Officer is Samantha Howard. She can be contacted via:
Sunlight Nutrition Limited
Hodsock Lodge Farm
Telephone: 07414 641026 or 01909 730248 Or Email firstname.lastname@example.org
Policy written 20th May 2018