Short Version Summary:
- There are 3 main types of data which CATTS retains:
– Clinical Data needed to provide a service.
– Financial Data from clients for billing.
– Contact Data from referrals.
- CATTS keeps both physical and electronic records of clinical data in order to provide a service.
– Preferred format is electronic for clinical data.
– Clinical data is deleted/ confidentially destroyed after 2 years from last invoiced session. (Usually post discharge).
- CATTS keeps electronic records of Financial data from those who use our services.
– Financial Data is kept for 6 years to adhere to revenue guidelines.
– Financial Data (including non-payment of bills) can be given to Irish revenue at revenue’s request.
- Contact Data is kept for 6 years to allow processing of Financial Data if required. (This may be retained for longer to for safety, legal request, or child protection reasons.)
If you require your clinical data deleted or removed, you must send an email to the CATTS Practice Manager at email@example.com citing your wish.
Financial data cannot be removed before 6 years, however it can be shared with you to allow for any correction or for you to make a Med1, or health insurance claim.
Contact data cannot be removed before 6 years, however it can be shared with you to allow for any update or correction of material facts such as spelling of names, addresses, phone numbers etc.
If you require data to be shared with any third party, you must request it via email to the practice manager, or via written request. Only the person listed as the key contact can request this if it is in the case of a minor. Any information prepared which has not been paid for cannot be shared.
Legal obligation and good practice
CATTS Ireland must comply with the provisions of section 2(1)(c) of the Data Protection Acts 1988 and 2003. The Acts set out the principle that personal data shall not be kept for longer than is necessary for the purpose or purposes for which it was obtained.
This requirement places a responsibility on CATTS Ireland to be clear about the length of time personal data will be kept and the reasons why the information is being retained.
To comply with this rule CATTS Ireland must have a policy on retention periods for personal data that is retained.
This policy must include defined retention periods for records and systematic disposal of records within a reasonable period after the retention period expires.
Since 2003, Data Protection legislation applies to both electronic and hard copy records.
CATTS Ireland is committed to effective records management retention and disposal to ensure that it:
• meets legal standards in terms of retention periods;
• optimises the use of space;
• minimises the cost of record retention;
• securely destroys outdated records