Important Compliance Requirements: Privacy Notice, Patient Records, and ICO Registration
As part of our ongoing commitment to the high professional standards and ensuring compliance with current regulations, we are writing to advise you of your legal obligation to comply to the guidelines set forth by the Information Commissioners Office (ICO); Which is that you display a clear and comprehensive ‘privacy notice’ on your websites. This notice should inform patients about how their data is collected, used, and protected.
Please note: The IOT’s Code of Professional Practice and Ethics states that all patient records must be retained for a period of 7 years following their last treatment or consultation, and we advise that this information should be included.
How to Implement your Privacy Notice
Website Display: Ensure your privacy notice is easily accessible on your website. It should be displayed on the homepage or linked clearly in the footer. A privacy notice template from the ICO can be found here: https://ico.org.uk/for-organisations/advice-for-small-organisations/create-your-own-privacy-notice/ (don’t forget to include that you retain records for 7 years).
The IOT have also created a privacy policy template for registrants to adapt and use, which can be found here.
Patient Communication: Highlight the privacy notice in your communications with patients. This can be achieved by including a link in the ‘small print’ in emails and other written communications.
Annual registration with the ICO is also necessary for the following reasons:
Legal Compliance: The ICO oversees data protection laws in the UK. Registering with the ICO ensures that your clinic is compliant with these laws, avoiding potential fines and legal issues.
Trust and Transparency: Annual registration with the ICO builds trust with your patients, showing that you prioritise their privacy and data security.
Professional Responsibility: As trichologists, it is our professional responsibility to adhere to the highest standards of data protection and patient care.
Next Steps
Review and Update: Ensure your privacy notice is up-to-date and prominently displayed on your website.
Communicate: Include links to your privacy notice in all patient communications.
Register: Complete your annual registration with the ICO. This can be done easily through the ICO website.
Thank you for your attention to these important matters. By complying with these regulations and guidelines, you are contributing to the integrity and trustworthiness of the trichology profession
Kind regards,
The IOT Team
