Privacy Policy

Name of DPO:  Philip Bridgford
Address of DPO 5 Head Street Colchester, Essex CO1 1NX
Tel/ E mail 01206573892/ Bethellandclark@optician.com
Responsible Person : Philip Bridgford

Category of personal data and data subject Legal basis for processing personal data Who these personal data are shared with Time limits for erasure Technical/organisational security measures to ensure level of security appropriate to risks
Patient records – including retinal photographs, referral letters etc. Lawful Basis  for the purposes of health care Registered health care professionals and those under their supervision The NHS specifies 7 years or, in the case of children under 18, until their 25th birthday. College of Optometrists guidance is that it is best practice for records to be kept for 10 years. Only registered health care staff  have access to the complete patient record. All registered staff comply with GOC standards, which ensure they respect patient confidentiality. Paper records are kept securely. Electronic data is password protected, employees can only access the information essential for their role, all employees have passwords so there is an audit of any changes made, there is also a back-up system that means data can be restored. All anti-virus software and other software are kept up to date.
Customer records – e.g. direct debit/payment details Legitimate Interest The data subject’s bank Kept for tax purposes and future claims/information Paper records are kept securely. Electronic data is password protected, employees can only access the information essential for their role and receive appropriate training for their role. All employees have passwords so there is an audit of any changes made, there is also a back-up system that means data can be restored. All anti-virus software and other software are kept up to date.
Menu