Data Protection Policy


The GDPR are important European regulations that apply to all EU Member States from 25 May 2018

Who we are

Sarah Holmes Health

197, Wellington Hill West, Henleaze, Bristol, BS9 4QW

0117 907 7722

Personal information gathered will be:

Name, address, date of birth, telephone number, e-mail, GP/Consultant, and details of your current condition and past medical history.

Why we collect information and what we do with it

Contact information will be stored on the TM3 on-line diary system. This will be accessed by My Ruby – remote reception service – all Sarah Holmes Health staff for the purpose of making appointments or for accounting.

It is usual that clinical records are kept for a period of time. Your records will be kept indefinitely to comply with UK law and professional body guidelines.

Physiotherapy information is stored in paper form and kept in a locked filing cabinet in locked premises.

Letters sent to your GP or consultant are held electronically and password and virus protected.

You may be referred to us by an insurance company by e-mail. Your personal details will be on this e-mail and will be password and virus protected.

Copies of your physiotherapy records may be sent to solicitors only with written consent from you. These will be sent by recorded delivery or by password and virus protected e-mail.

The purpose of processing is to identify the patient, to enable safe treatment to communicate with appropriate professionals, and to enable timely and efficient access to appointments/treatment.

We collect information/clinical records about your condition and any related information such as occupation and hobbies. This information is gathered fairly and transparently for a lawful basis and forms a legal document.

Your information (with your consent) may be passed to third parties in the form of a referral letter or a report to a GP, consultant or insurance company.

Information required for patients under 16 will be obtained from the parent or guardian accompanying the child at their appointment.

Your rights

You have certain legal rights to control what we do with your information. These include:

  1. The right to be informed on how we use your personal information.
  2. The right of access to your personal information.
  3. The right to request rectification of any data we hold. ( The rectification policy can be requested)
  4. The right to erasure. (The erasure policy can be requested)
  5. The right to restrict processing. (The right to restrict processing policy can be requested)
  6. The right to data portability.
  7. The right to withdraw consent.
  8. The right not to be subject to automated decision making.

We regularly review and where necessary update our privacy information. We undertake a regular information audit. Training is provided so that our staff/reception service understand the need to consider a data protection impact assessment at the early stages of any plan involving personal data.