As health care professional (Massage Therapist) I must collect a certain amount of personal information from you in order to assess your current health and safely treat you. It is extremely important that this information be collected responsibly and kept confidential but at the same time it can also be disclosed to other individuals under appropriate circumstances. This document details your rights and how I, Robert Matzuzi, protect your personal information.
What is personal information?
We collect information about you in a range of forms, including personal data. As used in this Policy, “personal data” is as defined in the General Data Protection Regulation, this includes any information which, either alone or in combination with other information we process about you, identifies you as an individual, including, for example:
an individual’s personal characteristics (e.g., gender, age, income, home address or telephone number, ethnic background, family status);
health (e.g., health history, health conditions, health services received by them);
activities and views (e.g., opinions expressed by an individual, an opinion or evaluation of an individual).
Personal information is different from business information (e.g., an individual’s business address and telephone number). This is not protected by privacy legislation.
Who can see your health information?
When you request massage therapy from me, I assume that I have your permission to collect and use that information to provide you with best suitable massage therapy. I may share your health information, where I deem fit, with other healthcare professionals or providers in order to get a more meaningful insight of your current condition and treat you in a better way. Other providers are not entitled to your information, except in the cases I have listed below.
If you do not want me to use, share or give out some or all of your personal health information to other people who provide you with health care, please inform me as soon as possible.
Others agencies or companies may need to see part of your health care information, such as your employer or your insurance company. However, I cannot share information with these companies without your express permission.
You may also have family or friends to whom you would like me to give more detailed information about your health, like how your treatment is working or what kind of care you will need at home. You can let me know if I can discuss your health with family and friends. I must have your consent in order to do so.
When Your Consent is Not Required
I am allowed or may be required to use and/or give out some of your personal health information without consent in the following situations:
to report certain information, such as to report certain diseases to public health authorities
when I suspect certain types of abuse
to reduce a significant risk of serious bodily harm to a person or the public
to assist health researchers for research, as long as strict privacy requirements are met
to improve or maintain the quality of care or any related program or service
for risk management and legal purposes
to transfer or sell the professional practice to another person and to allow that person to assess the practice, so long as he or she signs an agreement to keep the information confidential and secure
to assess a person’s ability to make health care and other important decisions
for administration or enforcement of laws about the practices of health care providers, such as when my regulatory College (the CThA) does a peer assessment with me
for the purpose of a legal proceeding or complying with a court order, or other legal requirement
Marketing and Personal Information
Your personal information will never be provided to anyone for marketing purposes.
I understand the importance of protecting your personal information. For that reason, I have taken the following steps:
Paper information is either under supervision or secured in a locked cabinet.
Computers and backups are under supervision or secure in a locked or restricted area at all times. In addition, passwords are used on computers, and screens are locked when they are not in use.
Electronic information is transmitted either through a direct line, or has identifiers removed, or is encrypted.
Retention of Personal Information
I am required to retain personal information for some time to ensure that I can answer any question you may have about the services provided and for my own accountability to the Complementary Therapist Association (CThA).
I retain client files for 5 years, as required by the CThA and for Insurance purpose. In the case of persons under the age of 18 at the time of treatment, their data will kept for 5 years from the date after they attain the age of 18 years . In case of clients who are suffering from any mental incapacity, the records will be kept for 5 years from the date when they are deemed to be capable of making their own decision else I will keep their records indefinitely.
I destroy paper files containing personal information by shredding. I destroy electronic information by deleting it and, when the hardware is discarded, physically destroying the hard drive.
Viewing your own personal information
With only a few exceptions, you have the right to see what personal information I hold about you. I will try to help you understand any information that may be unclear (e.g., short forms, technical language, etc.). If you would like a copy of your personal information, please make your request in writing. I (Robert Matzuzi) reserve the right to charge a nominal fee for such requests.
Some exceptions may apply. For example, when the information relates to law enforcement, legal proceedings or another individual, you may not get to see the record.
I must respond to your request as soon as possible and within 30 days. There may be a delay if I have to ask others about your records or if it will take time to find the record. You have the right to be notified of such delays. If you require the record urgently, please let me know and I will do my best to get it to you.
If you believe there is a mistake in your information, you have the right to ask for it to be corrected. You must make this request in writing, stating specifically what in your record is incorrect or incomplete.
Do note that I cannot correct a record that was created by someone else as I do not know enough about the record to change it. Also, I cannot correct details where, for example, the opinions or observations in the record were made in good faith. You are entitled to be told the reasons for not making a correction and of your right to have a statement of disagreement attached to your records. You can also ask to have this statement made available to those who see the record.
If I correct a record, it must be done carefully so that the full corrected record remains visible or by ensuring that the corrected version is readily available.
If you would like further information, you can contact me on my email at email@example.com. I would be happy to discuss any questions or concerns you may have. As well, if you have a formal complaint to make concerning my privacy practices, you should contact me in writing. My address is:
Walworth Road 329 flat1,
SE17 2TG London
E-mail: firstname.lastname@example.org Contact number: 07851300923
I will respond to your concerns promptly. If, after discussing the issue with me, I am still not able to resolve your complaint or concern, you have the right to make a formal complaint to the Information Commissioner’s Office (UK). This must be done within one year of the matter you are complaining about. Their office can be reached at:
Information Commissioner’s Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF
Tel: 0303 123 1113
Fax: 01625 524 510
Website : https://ico.org.uk/