Dr M Aesthetics Ltd
Please see the reasons and uses of patient data below:
Why we collect and use your information (purpose of processing)
We ask for information about you so that you can receive care and treatment. We keep this information, together with details of your treatments, because it may be needed if we see you again, and allows continuity of your treatment.
As data controllers under the GDPR we process personal data (under Article 6) and sensitive data which the GDPR terms as Special Categories (under Article 9).
Personal data is defined as information relating to a living individual that can identify them. Examples include name, date of birth, address or a combination that can also identify an individual.
Why do we hold your information?
Records about you are used by those treating you to:
Provide a good basis for all treatment decisions by you and care professionals
We may offer you services, referrals or information based on your profile
Enable you to work in partnership with those offering further treatment.
Make sure the treatment we provide is safe and effective
Work effectively with others providing you with treatment.
Remind you about appointments.
Other staff members within Dr M Aesthetics Ltd may also need to access records about you to:
Check the quality of care (called clinical audit)
Protect the health of the general public
Help investigate untoward incidents, complaints or legal claims
Organise follow up appointments
Help with research. If we need to use information that identifies you, for more than your direct care or to check the quality of that care we will always seek your consent beforehand.
To keep you informed of the work of Dr M Aesthetics Ltd such as new services and to carry out surveys.
How your patient records are used to help you
Your doctor, nurse or any other professional involved in your treatment needs to have accurate and up-to-date information to assess your health.
A record of any treatment you receive at Dr M Aesthetics Ltd needs to be kept, in case you return for further treatment.
This information is available should you have to see another doctor or receive treatment elsewhere.
Your records are a good basis for staff to assess the type and quality of treatments you have received.
Your concerns can be properly investigated if you need to complain.
How we keep your records confidential
Everyone working for Dr M Aesthetics Ltd has a legal duty to keep information about you confidential.
We may need to share some information about you so that we can all work together for your benefit. We will only ever use, or pass on, information about you if others involved in your care have a genuine need for it such as our partner organisations listed below.
We will not disclose your information to third parties without your consent unless there are exceptional circumstances. These may be in situations when the health and safety of others is at risk, or where the law permits information to be passed on. Anyone who receives information from us is also under a legal duty to keep it confidential.
We are required by law to report certain information to the appropriate authorities. This is only provided after formal permission has been given by a qualified health professional.
Occasions when we must pass on information include:
Where we encounter infectious diseases which may endanger the safety of others, such as meningitis, or measles (but not HIV/AIDS).
Where a formal court order has been issued.
Where a serious crime has been committed or a terrorist incident.
We have appointed a senior person, Mrs Nicola Mehta, who is responsible for protecting the confidentiality of patients and enabling appropriate and lawful information sharing.
Where is your data stored and how is it kept secure?
All patient data is stored on our clinical online system, Cliniko. The following shows how Cliniko ensures patient data safety.
Ultra Secure Facilities
Cliniko is hosted in state of the art datacenter facilities. Physical access is controlled both at the perimeter and at building ingress points by professional security staff utilising video surveillance, intrusion detection systems, and other electronic means.
Two Factor Authentication
Two factor authentication adds an extra layer of security to Cliniko so you require not only your password, but also a log-in code generated on your smartphone to access your account. Put simply, enabling two factor authentication is the single best thing you can do to improve the security of your Cliniko account.
We use datacenter facilities that are built in clusters in various global regions. In case of failure, automated processes move customer data traffic away from the affected area and into other sites. We are very open about our uptime; you can see all the details at our System Status page.
Accreditations and Certifications
We choose our partners carefully. Our hosting partner has achieved the following accreditations and certifications: PCI DSS Level 1 (Payment Card Industry Data Security Standard), ISO 27001 (Information Security Management System), FIPS 140-2 (United States Federal Information Processing Standard).
Cliniko is monitored 24 hours a day, 7 days a week, 365 days a year. If something goes wrong, we will be the first to know about it and will have technicians working to fix the problem immediately, no matter when it occurs.
Cliniko runs completely under HTTPS. This means your data is encrypted during transfer using a 2048-bit SSL certificate.
Our database and file attachments are encrypted at rest, using the industry standard AES-256 encryption algorithm.
Our team has the minimal required level of access to customer information in order to maintain our systems and to assist you appropriately.
Cliniko data is backed up daily. Backups are redundantly stored in multiple physical locations.
Who do we share information with?
We will share information with you the patient.
We will also share information as required by law, for example, to comply with a court order.
We will anonymise or pseudonymise your information wherever possible to protect confidentiality.
Information we are required to report
We are also required by law to report certain information to the appropriate authorities, for example information regarding crimes to the police and where a court order has been received.
We share anonymous information with local authorities and the police for the purposes of crime mapping.
Social media and our website
When you use our website or interact with our social media presence (eg Twitter, Instagram and Facebook) your data (eg comments, likes, reviews) may be visible to providers of social networking services and their users.
We suggest that you review the privacy and security settings of your social media accounts to ensure you understand how your data may be shared and used.
Information on visitors to the website is collected by Google Analytics, which collects information on pages visited, length of visit, URL and search terms of referring sites, your browser’s capabilities, and your IP address. Google will not associate this with any other data held by Google. You can opt out of Google Analytics with their opt-out browser add-on or any of a number of third party privacy extensions for your browser.
We do analyse the server log files which contain details of the Internet address (IP address) of computers using the site, pages looked at, the times of day and the type of web browser used. None of this information is linked to individuals.
You will automatically be added to our mailing lists in order for you to receive information not related to your direct care, for instance, to receive information about Dr M Aesthetics Ltd and its activities.
You can stop receiving such communications at any time by letting us know and this will be made clear when you sign up.
Transfers of your information to third countries or international organisations
We do not transfer your data to third countries.
How long do we hold your information for?
We retain health records for at least eight years from the last date that you presented at Dr M Aesthetics Ltd.
These are the minimum times for which we keep information; we may keep it for longer if we believe doing so will be of benefit to you or if we are not able to delete it, for example due to a technical issue.
We have a duty to:
Maintain full and accurate records of the care we provide to you
Keep records about you confidential and secure
How can you access (get a copy of) your health records?
You have the right to see or have a copy of your personal information.
You do not need to give a reason; and normally there will be no charge.
We may charge a ‘reasonable fee’ when a request is manifestly unfounded or excessive, particularly if it is repetitive.
We may also charge a reasonable fee to comply with requests for further copies of the same information.
Any fee will be based on the administrative cost of providing the information.
If you want to access your health records, you should make a written request to Dr M Aesthetics Ltd subject access team at the following address:
Subject Access Team
Dr M Aesthetics Ltd
23 Church Street
Tel: 01636 923094
Before records are released we will seek the advice of the person in charge of the patient care to ensure that no information about an individual’s physical or mental health or condition will be released if it would be likely to cause harm to them or another person’s physical or mental health condition. We will also withhold information provided by third parties where we don’t have consent to release it or where the patient has made it clear that they did not want the information disclosed.
Before providing any information we will need to verify your identity and may request further information from you so we may progress your query as quickly as possible.
Your rights in respect of restricting our processing of your information
Your right to be informed
This means you have a right to be informed about the way we collect and use your data.
Your right to rectification
This means you have the right to have inaccurate (incorrect or misleading as to any matter of fact) personal data corrected or completed.
Your right to have your personal information erased
This right is not absolute and only applies in certain circumstances.
It does not apply to Health Records which are legal documents under the Public Records Act 1950.
You can request either in writing or verbally to have your information erased. We will respond to your request within one month.
When does the right to erasure not apply?
If the processing is necessary for public health purposes in the public interest (eg protecting against serious cross-border threats to health, or ensuring high standards of quality and safety of health care and of medicinal products or medical devices); or
if the processing is necessary for the purposes of preventative or occupational medicine (eg. where the processing is necessary for the working capacity of an employee; for medical diagnosis; for the provision of health or social care; or for the management of health or social care systems or services);
to comply with a legal obligation;
for the performance of a task carried out in the public interest or in the exercise of official authority;
for archiving purposes in the public interest, scientific research, historical research or statistical purposes where erasure is likely to render impossible or seriously impair the achievement of that processing; or
for the establishment, exercise or defence of legal claims.
The right to erasure applies if:
Your personal data is no longer necessary for the purpose which we originally collected or processed it for;
We are relying on consent as your lawful basis for holding the data, and you withdraw your consent;
We are relying on legitimate interests as your basis for processing, you object to the processing of your data, and there is no overriding legitimate interest to continue this processing;
We are processing the personal data for direct marketing purposes and you object to that processing;
We have processed your personal data unlawfully, or we have to do it to comply with a legal obligation; or
We have processed the personal data to offer information society services to a child.
Your right to restrict processing
This means that you can request that the processing of your data is blocked and your data stored separately.
You may request a restriction verbally or in writing. This is not an absolute right and will depend on the circumstances of your request.
The length of time the restriction will apply for will depend on the circumstances of your request.
If you restrict our processing of your data we are permitted to store the personal data, but not use it.
We will respond to your request within one calendar month.
You have the right to restrict the processing of your information in the following circumstances:
You contest the accuracy of your personal data and we are verifying the accuracy of the data.
We no longer need the personal data but you need to keep it in order to establish, exercise or defend a legal claim; or
How might we restrict processing?
We may make the information unavailable to users:
Temporarily move the data to another processing system;
Make the data unavailable to users; or
Temporarily remove published data from a website.
When will a restriction be removed?
Once we have made a decision on the accuracy of the data, or whether our legitimate grounds override those of the individual, we may decide to lift the restriction. We will inform you before we lift the restriction.
Your right to data portability
This means that you can request a secure transfer of your data to another Data Controller.
The right to data portability only applies when:
the data is about you and that it was provided by you to the Trust.
where the processing is based on your consent or for the performance of a contract; and
when processing is carried out by automated means
See the section on how to access your health records (subject access).
If the Trust provides your information to you under the right to portability no fee will be payable and the information will be provided within one month.
Your right to object
This means that you have the right to object to the Trust processing your data where the processing is based on:
legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);
direct marketing (including profiling); and
processing for purposes of scientific/historical research and statistics.
You must have an objection on “grounds relating to your particular situation”.
We will stop processing your information unless:
We can demonstrate compelling legitimate grounds for the processing, which override your interests, rights and freedoms; or
the processing is for the establishment, exercise or defence of legal claims.
The Trust is conducting research where the processing of personal data is necessary for the performance of a public interest task, in which case the Trust is not required to comply with an objection to the processing.
Your right to withdraw your consent
This means that once you have given your explicit consent for your information to be processed you have the right to:
Withdraw your explicit consent for the processing of your information.
You can withdraw your consent by informing the department / team that took your consent. You can do this in writing or verbally.
The fact that consent may be obtained for confidentiality purposes does not mean that consent must also be the lawful basis applied for the purposes of processing data in compliance with the Data Protection Legislation. Well established national guidance on confidentiality remains applicable.
It should be noted that:
Data protection requirements (GDPR) do not affect the common law duty of confidence (confidentiality).
Although the practice of assuming implied consent for processing data for direct care purposes will not comply with the consent standards under the GDPR, this does not mean that implied consent ceases to be valid for confidentiality purposes (e.g. sending a discharge summary to your GP).
Closed-circuit television (CCTV)
The use of CCTV around the clinic and entrance areas has been considered and is required for the purposes of prevention and detection of crime, ascertaining damage to property, protecting the safety of visitors and any legal matters that may arise where CCTV footage is requested.
Images will be retained for a period no longer than 60 days and then disposed of, unless required for the purposes named above. Images from the CCTV are securely stored and only a limited number of authorised persons have access to them. The recorded images are only retained long enough for any incident to come to light, which can then be investigated.
Cameras have been positioned to only capture images of persons visiting the premises and there is a designated person responsible for the system. This person is the clinic manager who can be contacted on firstname.lastname@example.org or at:
23 Church Street
The potential impact on individuals’ privacy has been identified and taken into account in use of the system.
Updated: 1st March 2019