Medical Records Management Policy


Policy Statement


This policy covers all the records held containing patient information at Aesthetics by Sian or by Sian Robinson and should be read in conjunction with the policy on consent and the policy on confidentiality.


The General Data Protection Regulation 2018 sets out in law how personal information is managed and processed.


Aims & Objectives


· Ensure the security of the patient records

· Define responsibilities

· Ensure compliance with professional standards and statutory regulations

Legislation requires information to be held as proof of an activity against the eventuality of claim; Limitation Act 1980, Consumer Protection Act 1987, Freedom of Information Act 2000.


Professional Standards are defined by the statutory bodies practitioners are registered with;




Storage of Medical Records


· Medical records generated by Sian Robinson at Aesthetics by Sian are the property of Sian Robinson, Aesthetics by Sian.

· The medical records must be stored in a locked environment where unauthorised access cannot be obtained.

· At no time should medical records be left unattended.

· The responsibility for ensuring the security of these records rests with Sian Robinson.

· Medical records should be retained for a period of 10 years (refer to Privacy Policy/GDPR 2018).

· The security of any copies of records provided to the patient is the responsibility of the patient.

· Medical records maintained digitally are password protected and access to them limited in accordance with the confidentiality policy and privacy policy.


Transport of Medical Records


Records should only be transported by hand by the responsible clinician or by those individuals who have been delegated to carry them. The records must not be left where they are accessible to the general public.



Sharing Medical Records


Medical records may be shared


· To ensure continuity of care within the practice

· When care might be shared with professionals outside of the practice e.g. with the patient’s GP

· When a patient is referred for specialist advice or care.


Medical records may not be shared without the patients documented consent except in exceptional circumstances (See confidentiality policy).





The clinician is obligated to make contemporaneous notes of any patient interaction, including;


· Medical History

· Examination and/or assessment

· Treatment recommendations

· Agreed treatment plan

· Consent

· Any treatment provided

· Pre and post treatment photographs

· Aftercare advice provided

· Arrangement for follow up

· A record of any relevant additional communication either by letter, email or telephone, including any communication related to the patient, with other healthcare professionals (refer to Privacy policy).

· Records must not be tampered with in any way

· Entries must be clear, legible, signed, dated, timed and attributable.

· Entries made in electronic records must be clearly attributable.




Sian Robinson audit of medical records will be undertaken monthly to ensure compliance with policy, identify risks, and implement quality improvement actions.


Destroying Medical Records


Medical records must be retained as long as is necessary, according to legal and regulatory requirements.


If retention no longer serves any legal, regulatory or operational requirement, records should be strip shredded, bagged for collection and disposed of by an approved confidential waste disposal firm.


Refer to GDPR 2018, and privacy policy.



Ensuring the Effectiveness of the Policy


All staff members will receive a copy of the policy, and associated guidance notes. Existing and new workers will be introduced to the policy via induction and training. The policy will be reviewed annually and amendments will be proposed and agreed by Sian Robinson.




Breaches of this policy may be referred to the appropriate statutory body and will be dealt with under the Grievance and/or Disciplinary procedures as appropriate