Privacy Policy

I Paul Kilcullen of Paul Physical Therapy respect your right to privacy and comply with my obligations under the Data Protection Acts 1988 and 2002. The purpose of this Privacy Policy is to outline how I deal with any personal data you provide to me.

I will always keep your data safe and secure. To keep you up to date, here’s why I need it and how I use it.

• I will ask for general personal information such as your name, phone number, email address and Date of Birth. This will allow me to identify and contact you as part of our professional engagement with you.
• I may ask about your family, medical, general health history together with your daily, working or sporting activities in order to ascertain stresses which may have been induced upon your body and which may be relevant to your current presentation.
• I’m obliged by the Irish Association of Physical Therapists and our Professional Indemnity Insurance to retain such health and biometric information.

• I Paul Kilcullen of Paul Kilcullen Physical Therapy am bound by patient confidentiality laws, the standards of conduct, performance and ethics of CORU (Regulating Health & social care professionals) and the Irish Association of Physical Therapists (IAPT) code of conduct. Your information will not be shared outside Paul Kilcullen Physical Therapy unless you have given consent, except when; – requested by law – in your best interests and you are unable to give consent – in the public interest to prevent serious harm to others
• In some cases I may need to refer you to your doctor or a consultant. In certain cases I may have to write to your doctor about your case history. In such cases I will obtain your consent prior to sending a referral letter.

• Data will be stored in locked filing cabinets
• Risk assessed third party cloud processor – Cliniko

• You will have the right to ask from us at any stage what data we hold on you, why I hold it and how we are processing it. If you wish you may request a copy of this data from me in writing and I will ensure that it will be provided to you within 30 days.
• If you wish, upon request, I will transfer a copy of this data to a new data controller on your behalf.
• If you feel that any of the information which I’m holding is inaccurate or you would not like me to process it any further, I’m happy to amend, pause and/or erase this information, in line with the professional standards specified by the Irish Association of Physical Therapists and our Professional Indemnity Insurance (Balens Ltd). The IAPT and Balens require that all medical information is retained for a minimum period of 7 years.

• I require your information, including your medical history in order to ensure that we can continue to treat you effectively. All of this information relating to you remains secure.
• I will continue to retain your information while you are an active patient with us. If I’ve not heard from you for 7 years, I will no longer consider you to be an active patient of the clinic. At this point I’ll begin to implement a data retention policy in line with the IAPT guidelines. Therefore, any information relating to you which is older than 7 years will be securely deleted.
• For any clients under the age of 18 I’m required to keep your data for 7 years after your 18th birthday.

I will always strive to ensure that your privacy and data protection rights are upheld. If, under any circumstances, you feel that this has not been achieved, then I would invite you to contact us to rectify the issue. You also have the right to contact the data commissioner at any point to lodge a complaint or seek an investigation.