Privacy Policy

This notice describes how we collect, use and process your personal information, and how, in doing so, we comply with our legal obligations to you. Our practice policy is to respect the privacy of our patients, their families and our staff and to maintain compliance with POPIA.

• We collect basic personal information about you which does include name, address, contact details such as email and phone number, etc. We will also collect sensitive confidential data in the form of health information, ethnicity and gender during the services we provide to you and or linked to your healthcare through other health providers or third parties such as insurers and medical aids.
• We maintain records about your health and any treatment or care you have received previously. These records help to provide you with the best possible healthcare. These are stored electronically with password-protected services (see below) and in locked filing cabinets.
• Information may be used within the practice for clinical audit to monitor the quality of the service provided.
• All employees and subcontractors engaged by our practice are asked to sign a confidentiality agreement. We use other companies to:
  • provide IT infrastructure,
  • offer accounting services, and
  • maintain our website.
  
  Some of our suppliers are in other countries that have different levels of protection of Personal Information, but we’re comfortable that they protect personal information to the same extent that we do.

  We use Microsoft 365 to do our work and store all our information, including our clients’ information. Microsoft stores all our content in the European Union. We believe that Microsoft provides an adequate level of protection for the personal information we store with them. You can read more about their privacy undertakings on the Microsoft site.

  We use Xero accounting software. Xero is based in New Zealand and have put measures in place to ensure our personal information remains protected. You can read more about how they use personal information on the Xero site.

• Every member of staff who works for us has a legal obligation to keep information about you confidential. We will only ever use or pass on information about you if others involved in your care have a genuine need for it. We will not disclose your information to any third party without your permission unless there are exceptional circumstances (i.e. life or death situations), where the law requires information to be passed on e.g. in the case of notifiable diseases.
• You have the right to
  • ask what personal information we have about you,
  • ask what personal information was sent to our suppliers, service providers, or any other third party,
  • ask us to update, correct, or delete any out-of-date or incorrect personal information we have about you (In certain cases, we may require proof of your identity and sometimes we may have additional requirements to make changes to your information)
  • unsubscribe from any direct marketing communications we may send you,
  • object to the processing of your personal information, and
  • lodge a complaint about our practices with the Information Regulator.
  • withdraw or change your consent at any time by contacting us at admin@theworkhousedurban.com.
• We have implemented reasonable security measures based on the sensitivity of the information we hold. These measures are in place to protect the information from being disclosed without authorisation, from loss, misuse, and unauthorised access, and from being altered or destroyed. If you suspect that we (or you) have had a security breach, please notify us immediately by sending an email to admin@theworkhousedurban.com. Please include as much information as you can and do so immediately so that we are able to inform the Information Regulator and data subjects.
• For any further information, please contact our POPIA Information Officer, Jessica Taylor on 072 434 1878 or admin@theworkhousedurban.com