Information Governance - all about confidentiality

Your information is treated highly confidential.
The company is registered with the ICO Information Commissioner’s Officer ( and pays yearly subscriptions. 
All information is stored on encrypted devices and email traffic is restricted to consented exchange with the clients (parents and young people).

The company has its own Standard Operating Procedure about Data Handling.
Although unfortunately security breaches are always possible, this company is using only most trusted encryption tools based on current knowledge.

This company is using the following high level security processes:


All company Apple devices are encrypted with MAC’s own sophisticated encryption algorithm.


Cloud storage of data is facilitated by Tresorit ( Tresorit has end user encryption which means all information is encrypted at source and then sent to the cloud storage facility. No encryption keys are shared with or stored on the cloud servers.

From 2021 all company data will be stored on serves located in England within the UK. In other words no data will be stored in locations outside the UK after January 2021. 


This website is secured by Secure Sockets Layer (SSL) certificates. They are sometimes called digital certificates and are used to establish an encrypted connection between a browser or user’s computer and a server or website. The SSL connection protects sensitive data, such as credit card information, exchanged during each visit, which is called a session, from being intercepted from non-authorized parties.

Because of this SSL security some links to external websites, which are not secured by SSL are blocked.


Local storage of sensitive data on the companies Windows operated devices is protected by VeraCrypt

Information Commissioner's Office [ICO]

This company is registered and complies with the regulations set by the Information Commissioner’s Office.

If you like further information about your rights please see the link below:’s

Who is my information shared with?

(1) The information is first of all shared with the parents (legal guardians) of the child or young person and the child/young person involved. 
Opting out of receiving the information via non-secure email does not mean you do not receive the information at all but it means you will get this via post or secure email.

There have been cases when a competent teenager has sought medical advice without his/her parents knowledge and there are court rulings that a doctor may not have to share this information with the parents of these young people even if they are not 18 years yet.


(2) My personal assistant will access your child’s information in order to prepare reports and any correspondence

My personal assistant will deal with the administrative side of your consultation with me and is your first access point for queries and liaison with me. The personal assistance is a fully qualified medical secretary.


(3) The information will be shared with your GP by post as a standard

Good medical practice for your specialist is to share your consultation with your GP. This is done in all cases if you have given us a GP name and address. We will ask you specifically whether you do consent for your GP to receive the letter by non-secure email. This still means your GP will receive the letter by post. You have to let us know at the time of the appointment if you do not wish your GP to receive the medical report as the letters may go out within 24 hours of the appointment. It is regarded by the General Medical Council as our duty to inform your GP of the outcome of the consultation. However, I do respect your wishes if in special circumstances you do not wish to do this. Please note that even if you opt out to have the medical information sent via non-secure email to your GP s/he will still get a copy by post unless you have instructed us not to do so at your appointment.

(4) The information will be shared with a professional medical billing company.
Your information will be shared with Mediaccounts ( for billing purposes.


(5) Your information will be shared with your insurance company.
This is if your consultation is paid through your insurance company and you have provided us with their details.

(6) Your information will be shared with other health professionals if they are involved in your child’s care
Your information will be passed on to other health professionals if any diagnostics (blood tests, radiographs etc) are ordered or if your child is referred on to other doctors, therapists or dieticians. Again you can opt out that this is done via non-secure email and the correspondence will be sent by post or secure email only. You will always be informed and get a copy of the correspondence. This is not always the case for blood test requests or radiograph requests but you can receive the reports as well if required.

(7) Reducted information is shared with a professional accountant for tax and income declaration.
Information on payments and billing will be shared with a professional accountant and for this company is with RK Associates based in the UK. No medical information is shared.


On request emails can be sent to clients (parents and young people) following explicit consent to receive email correspondence. 

In line with stricter confidentiality regulations around the use of email for confidential information this company has moved to written consent to use non-secure email from March 2018 onwards.

After verbal consent you will receive an email asking for your permission to use non-secure email to
[1] send you/your spouse/your partner medical reports and results via non-secure email
[2] send medical information to your GP if necessary via non-secure email
[3] send medical information to other health care providers if required via non-secure email

You have to opt in to use this service.

As alternative the information can be sent by post or encrypted email using Egress Switch ( You will have to create a free account with Egress Switch in order to receive these encrypted emails. Please be aware medical enquiries via non-secure email will not be answered unless consent is given.

Once again written consent is only regarding the use of non-secure email to share information and not whether you would like us to share this information or not. 

It is regarded as good medical practice to share information with medical professionals such as your GP and unless you have instructed us directly in advance your GP will receive a copy of the report by post.

secure emails / Egress

As alternative the information can be sent by post or encrypted email using Egress Switch ( You will have to create a free account with Egress Switch in order to receive these encrypted emails. Please be aware medical enquiries via non-secure email will not be answered unless consent is given.

Additionally I will not be able to answer enquiry via secure emails quickly due to the large number of emails received and the nature of using secure emails at present.

secure uploading of pictures and videos for consultation/enquiries/updates

Sometimes it is helpful to send pictures or videos of your child for a review. I offer a secure and encrypted upload service via Tresorit which encrypts the medical files on your computer and sores it in a secure folder on Tresorit for me to view.

This service is free for you to use and no paid account with Tresorit is needed on your part.