Please take your time to read our ‘Full GDPR Compliance Statement’. We are committed to driving the safety of patient confidential information and its processing.
We at Cherries Medical Clinic are committed to ensuring the security and protection of personal information including patient data that we process, and to provide a compliant and consistent approach to data protection. Please read the following which describes implementation of data protection roles, policies, procedures, controls and measures to ensure ongoing compliance with GDPR.
Our GDPR Principles
Cherries Medical Clinic takes the privacy and security of individuals and their personal information very seriously. Our principles for processing personal information are:-
We will process all personal information fairly and lawfully.
We will only process personal information for specified and lawful purposes.
Where practical, we will keep personal information up-to-date.
We will not keep personal information for longer than is necessary.
Data Subject Rights under GDPR
At Cherries Medical Clinic, an individual can request information about:-
What personal information we hold about an individual
The categories of personal information we collect from an individual.
The purposes for collecting and processing personal information from an individual. Whilst we get communications and bookings done mainly through our business WhatsApp channel, we advise patients to refrain from sending patient identifiable information even though WhatsApp claims be to end-to-end encrypted. We would thoroughly recommend for personal information to be emailed over to our secure business email at info@cherriesmedicalclinic.co.uk (currently access to this webmail address is with Dr Anwar only). We prefer to send over appointment confirmations through normal text phone messaging or WhatsApp unless there is any objection to this method, then do please specify at time of booking on the webpage enquiry form.
How long we plan to keep the personal information.
The process to have incomplete or inaccurate personal information corrected or completed.
Where applicable, the process for requesting erasure of personal information or for restricting the processing of personal information in accordance with data protection laws, as well as to object to any direct marketing from us.
About any automated decision-making that we use.
Our GPDR Compliance Plan
Here’s an overview of our steps that we are taking to ensure compliance with GDPR at Cherries Medical Clinic:-
We conducted a data mapping inventory and analysis of collected personal information in our systems and records.
We have established procedures and policies to restrict processing of personal information.
We have updated our procedures for data breaches and incident responses.
We have updated our company’s Data Protection Policy, Data Retention Policy, Information Security Policy, Cookies Policyand Privacy Policy.
We have reviewed all processing activities to identify the legal basis for processing personal information and to ensure that each basis is appropriate for the activity it relates to.
Contact us if you have GDPR related questions
If you have any questions about this GPDR Compliance Statement, or our privacy or security practices, please contact us:-
Website: https://cherriesmedicalclinic.co.uk
Email: info@cherriesmedicalclinic.co.uk
Phone: 07306852397