CAMPS PHYSIOTHERAPY CLINIC, Karachi
This document governs the clinical and administrative services provided by CAMPS PHYSIOTHERAPY CLINIC .

Protecting Personal Information
1. Openness and transparency
1.1  We value patient privacy and act to ensure that it is protected.
1.2  This policy was written to capture our current practices as well as to respond to federal and provincial requirements for the protection of personal information.
1.3  This policy describes how this office collects, protects and discloses the personal information of patients and the rights of patients with respect to their personal information.
1.4  We are available to answer any patient questions regarding our privacy practices.

2. Accountability
2.1       The physiotherapist is ultimately accountable for the protection of the health records.
2.2       Patient information is sensitive by nature. Employees and all others in this office who assist with or provide care are required to be aware of and adhere to the protections described in this policy for the appropriate use and disclosure of personal information.
2.3       All persons in this office who have access to personal information must adhere to the following information management practices:
Access is on a need to know basis
Access is restricted to authorized users
Contractual privacy clauses/agreements with third parties including cleaning, security personnel, building maintenance personnel and network technicians .
2.4       This office employs strict privacy protections to ensure that
We protect the confidentiality of any personal information we access in the course of providing patient care.
We collect, use and disclose personal information only for the purposes of providing care and treatment or the administration of that care, or for other purposes expressly consented to by the patient.
We adhere to the privacy and security policies and procedures of this office.
We educate and train staff on the importance of protecting personal information.
Collection, Use and Disclosure of Personal Information
3. Collection of personal information
3.1 We collect the following personal information
Identification and contact information including name and date of birth
Billing information including CNIC (Computerized National Identity Card) number and private medical insurance details
Health information which may include medical history and presenting symptoms

3.2 Limits on collection
We will only collect the information that is required to provide care, administrate the care that is provided and communicate with patients. We will not collect any other information or allow information to be used for other purposes, without the patient's express consent - except where authorized to do so by law. These limits on collection ensure that we do not collect unnecessary information.

4. Use of personal information
4.1 Personal information collected from patients is used by this office for the purposes of
Identification and contact - Emergency contact
Provision and continuity of care: Historical record and Health promotion and prevention
Administrate the care that is provided: Prioritization of appointment scheduling and billing patients
Professional requirements: Risk or error management and Quality assurance (peer review)
5. Disclosure of personal information
5.1 Implied consent (Disclosures to other providers)

Unless otherwise indicated, we assume that patients have consented to the use of their information for the purposes of providing them with care, including sharing the information with other health providers involved in their care. By virtue of seeking care from us, the patient's consent is implied for the provision of that care.

Relevant health information is shared with other providers involved in the patient's care, including, but not limited to, other physicians involved in providing care.

5.2 Without consent (Disclosures mandated or authorized by law).  There are limited situations where the physician is legally required to disclose personal information without the patient's consent. 

reporting specific diseases
reporting abuse (child, elder, spouse, etc)
reporting fitness (to drive, fly, etc)
for quality assessment (peer review)
for risk and error management, e.g., medical-legal advice

5.3 Withdrawal of consent

Patients have the option to withdraw consent to have their information shared with other health providers at any time.

Patients also have the option to withdraw consent to have their information shared with third parties.

If a patient chooses to withdraw their consent, the physician will discuss any significant consequences that might result with respect to their care and treatment.

Office Safeguards
6. Security measures
6.1 Safeguards are in place to protect the security of patient information.

6.2 These safeguards include a combination of physical, technological and administrative security measures.

7. Communications policy
7.1 We are sensitive to the privacy of personal information and this is reflected in how we communicate with our patients, others involved in their care and all third parties.

7.2 We protect personal information regardless of the format.

7.3 We use specific procedures to communicate personal information by

7.3.1 Telephone

Patient preference with regards to phone messages will be taken into consideration

Unless authorized, we only leave our name and phone number on message for patients

7.3.2 Email

We do not use email for confidential messages, except if consented by the patient. We assume that when patients initiate a confidential message by email, they have given implied consent for us to reply by email

Firewall and virus scanning software is in place to mitigate against unauthorized modification, loss, access or disclosure

7.3.3 Post/Courier

Letters are sent in a sealed envelope marked confidential

8. Record retention
8.1 We retain patient records as required by law and professional regulations.
8.2 We use secure offsite record storage.

9. Procedures for secure disposal/destruction of personal information
9.1 When information is no longer required, it is destroyed according to set procedures that govern the storage and destruction of personal.

We use paper shredding to destroy paper records

We physically destroy computer hard drives

We shred electronic media storage

Patient Rights
10. Access to information
10.1 Patients have the right to access their record in a timely manner.

10.2 If a patient requests a copy of their records, one will be provided at a reasonable cost.

10.3 Access shall only be provided upon approval of the treating physiotherapist.

10.4 If the patient wishes to view the original record, one of our staff must be present to maintain the integrity of the record, and a reasonable fee may be charged for this access.

10.5 Patients can submit access requests verbally or in writing

10.6 This office follows specific procedures to respond to access requests
we acknowledge receipt of request
we respond within a timely fashion not exceeding 30 days

Contact Us
Email:  homephysiogta@gmail.com

Phone: 0331-3322677
Note: Email is the best way to contact us.