Consent under GDPR refers to the collection and processing of data.
Most clinics using Juvonno aren’t going to need consent to collect and process data. Instead, they will be documenting Article 6(f) and Article 9(1) of GDPR as the Legal Basis upon which they collect and process data.
What does “processing data” mean to GDPR?
Article 4 of GDPR defines processing as follows:
‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction
Documenting a Legal Basis
Here’s an example of language a clinic might use:
The Village UK, located in London, England, fully complies with the European Union’s General Data Protection Regulation (GDPR) Article 6(f) and Article 9(1). Lawful collection and processing (including the distribution of email and text message appointment confirmations and reminders) of personal health data of natural persons who are EU residents is only carried out where necessary for medical and health appointment confirmation, evaluation, diagnosis, and treatment purposes. All data collection and processing occur for the legitimate medical and health interests pursued by The Village UK, the data controller. Personal data collected and processed includes but is not limited to full name, address, contact information, family relations, medical information, diagnosis, and other items as required by the General Chiropractic Council and laid out in The Chiropractors Act 1994.
You can read Articles 6 & 9 yourself if you like:
And of course, along with that documentation, clinics will take the necessary steps to match clinic policies to that declaration of compliance with GDPR. And clinics are going to be training staff on appropriate, GDPR-compliant behaviors when collecting and processing data.
Consent to Receive Marketing Emails
For best practices under GDPR, we recommend the following settings in your Juvonno account:
1) Make electronic reminders Patient Selectable
Navigate to Settings > General > System > Patients.
Under the Patients heading, Set Default Correspondence to Phone and select Save.
This will default all new patient profiles going forward and those profiles left in their Default state to opt-out of Email Correspondence, thereby forcing each profile to be individually updated when applicable.
2) Use generic product/service labels
You’ll want to pay attention to the names you give your service names because Juvonno includes the type of treatment in certain communications via email & text.
Navigate to Settings > Products & Services. When you set up new or edit existing treatments, in the name field, we recommend using the most generic name or treatment title that fits your purposes.
Consent for Treatment
Consent for treatment will be handled differently depending on what health care service you offer. In Juvonno, consent forms are completely customizable to your needs, and are built using our Custom Intake Form Builder.
Note: This article summarizes consent for GDPR and not meant as legal advice.