Policies

Mew Medical takes data protection seriously and aims to manage personal and clinical information in line with UK data protection law, professional confidentiality duties and healthcare governance expectations.

We use appropriate technical and organisational measures to protect information from unauthorised access, accidental loss, misuse or inappropriate disclosure. These measures may include access controls, secure systems, staff confidentiality expectations, audit processes and careful selection of third-party providers.

Where external systems are used for bookings, payments, clinical records, communications or forms, we seek to use providers that support appropriate security and data protection standards. Information is shared only where necessary for the delivery, administration or governance of care.

Clinical and administrative records are retained in line with relevant legal, regulatory, professional and indemnity requirements. Retention periods may vary depending on the nature of the record and service provided.

Patients may request information about how their data is processed, ask for corrections where information is inaccurate, or raise concerns about handling. Requests will be reviewed according to applicable rights and obligations.