Posts tagged " form filling "


July 24th, 2019 Posted by Acupuncture, Alternative Medicine, Clinic app, Consent forms, Consultation Forms, Electronic signatures, GDPR, Holistic Health, Hypnotherapy, Medical History Form, Paperless, Photography, Sports Therapy, Uncategorized, Web Design No Comment yet

It is now over one year since the GDPR legislation came into effect on the 25th of May 2018, and it’s still a major area of concern to many small and medium-sized endeavours.

The Alternative Medicine sector is no exception as I discovered when we exhibited at the Holistic Medicine Exhibition at the ICC in Birmingham recently. 

Almost everyone I spoke to wanted to know if we could help them with compliance. It was as important as the cost savings of going paperless for them. Convenience for them and their clients is the other main benefit.

Many of them were members of a Professional Hypnotherapy Association. They comply with the hypnotherapy code of ethics they studied as part of Hypnotherapy training. Therefore complying with GDPR is important too.

Fortunately, using paperless forms is a great cure for many GDPR headaches.

Nothing worries us more than the unknown. So I thought I’d write down a few words about how GDPR affects Hypnotherapists.


Many people saw GDPR for alternative practitioners as a problem. By offering more transparency it safeguards consumer rights in our online world. Not a problem but a solution.

However, GDPR was written by highly paid lawyers. It appears designed to be complex to keep them in business. 

So here is my take on it, let’s start from the top, shall we? 


Personal data means information relating to an identifiable person. Information including, names, addresses, dates of birth, ethnicity, medical information etc.

If you collect personal data for example, using an iPEGS electronic consent form you are the Controller and we are the Processor. The same is true for Medical history, Treatment plan or in fact any of our forms.

As a controller, you determine the purposes of processing personal data. We as a processor, are responsible for processing the data, storing it securely as well as keeping it accessible and within the law. 


Most people who use paper forms are both the controller and processor. They hold all the responsibility themselves. 


GDPR applies to both automated personal data and to manual filing systems. Handwritten forms are data just as the most sophisticated online form, only more cumbersome. 

You must keep an inventory of all personal data that you process.

If that data is digital with the right provider it is relatively simple to keep within the law. Paper-based data is much harder to manage.


  • You must obtain consent to collect data, even the informed Consent to treatment form. You must receive Informed consent to collect Informed consent.
  • How do you store information? In a filing cabinet, on an excel sheet, or securely encrypted in the cloud?
  • Do you share or transport data and if so, how? Is it in the car as you travel between clients? Scanned, printed out and posted, emailed? All these present risks. If submitted securely to a UK data centre, as with iPEGS forms, for example, those risks disappear. Unlike your data might.
  • Is the information subject to a retention schedule?
  • You must keep client data, usually for 7 years.
  • The type of information you are holding (names, addresses, dates of birth, medical history, etc).
  • Do you collect it as paper forms, electronic forms, etc?
  • Will the information for marketing, research, evidence of permission?
  • Who will share the data?
  • Will there be an effect on the individual concerned and is it likely to cause any individuals to object or complain?


  • The right to be aware, of data you hold on them.
  • To have timely access to their personal data.
  • The right to request rectification, without delay.
  • To have personal data deleted.
  • The right to data portability, which allows individuals to obtain and reuse their personal data.
  • The right to object, for example, using their data for direct marketing.

If you lose data and let’s face it losing a paper form is easy to do even in the best run surgeries, this counts as a breach.


If someone gains unauthorised access to your client’s private information, you have 72 hours to report the data breach to both your customers and any data controllers, if your company is large enough to require a GDPR data controller. Failure to report breaches within this timeframe can lead to heavy fines. 

For most practices, GDPR creates the need for greater investment either in consultant’s fees or in your own valuable time. Ensuring your operational processes are up to the required standards, ensuring websites, forms etc are designed and optimised for the latest protocols.


  • Are you or someone on your team trained on data protection?
  • What changes have you made this year to become GDPR compliant?
  • Have you built client consent into your system ?

Clients can give consent in various ways, such as email, a contact form on the website, a check-box on your landing page, tick box on the form etc.

Consent records must specify the time and date when consent was given, as well as the exact means they delivered consent. 


Compliance not only protects the patient, but it also protects your surgery from overstepping the boundaries.

Companies who seem to cut corners with data protection might well cut corners elsewhere. Most of us are members of a National Hypnotherapy association and have no problems with Hypnotherapy ethical issues. Cutting corners is not in our DNA we understand Our ethics and professionalism are all we have. So going digital make sense.

Can you simply and rapidly process data deletion for clients. Is it at the press of a button or will it take hours of work?

Do any 3rd parties have access to your client’s data? Third party access to data is all too common, third parties who might be using the same network or facilities, you need to be aware of any other parties who might have access to the data you’re collecting. This can be a particular problem in mixed therapy practices. Is it kept in a filing cabinet where others have access or a shared network?

How easy is it to export your data? Is it available at the touch of a button or is it a trip down to the cellar and a root through the filing cabinets?


One component of GDPR is privacy by design. This requires therapists to design their systems with the proper security protocols in place from the start. Failure to design your systems of data collection the right way will result in a hefty fine. It is a good idea to take a good look at your website if it hasn’t had a design overhaul in the last year or so.

Are your forms easy to find and wipe? Who has copies? Are you holding data on your phone, laptop or PC and do others have access to these devices?

GDPR seems complex, but essentially it refers to the need to have business systems designed with proper security and privacy measures integral. iPEGS paperless forms, for example, is such a system.

If you would like to find out more about how a system such as iPEGS can help you manage your client data, please check out our website or contact me directly steve or call me on 01244 955350, I will be pleased to help.

A smarter way to record data for field based Maintenance teams

October 20th, 2016 Posted by News No Comment yet

Service & maintenance engineers have a hands on job which also requires a lot of form filling, data capture, recording evidence and signing of forms. These forms are vitally important for the business to be able to efficiently report or act on the maintenance or service work undertaken. Once work has been carried out this form needs to be sent back to the office to process, record or action.

Using paper based forms can create the following issues:

    • Incomplete information or signatures
    • Delay in completed and signed form being returned to the office for processing
    • Paperwork getting lost or damaged
    • Cost and time taken printing multiple forms
  • Unnecessary admin time wasted

Using the iPEGS app allows the engineer to:

    • Electronically sign forms which include the date, time and location of signature *Facestamp includes a picture of the engineer carrying out the work improving the signature authenticity.
    • Include picture evidence to the report which can be captured using the iPAD or tablet’s camera
    • Capture the correct data without missing any information with mandatory fields
    • Submit the report straight back to the office
  • You do not need a wifi connection to complete and save the form through the app

Unique functions of the app:

Notepad feature: Transfer your note taking, electronically, sign, save and submit back to the office

Feedback Forms: Enables the company to rate the service that they have received

Reporting: Analyse your customer feedback on the service provided

Form Builder: An easy to use form builder to brand and customise your form which include the use of digital tables, number, percentage, currency, email and text fields, pick lists, checkboxes and insertion of signature. Add, advance and update forms which can automatically be accessed by the engineers whether they are in the field.

Register: Engineers can record maintenance repairs carried out for a period of time.

Import & Sign: Import documents to electronically sign and submit

Forms can be converted to  the following formats: pdf, excel, word, csv or xml document and exported via email to whoever needs to receive this, to the secure iPEGS portal, One Drive or Dropbox.

iPEGS is currently benefitting the following service based engineers who work within:

Power Solutions

Fire Systems


Train Maintenance

Water Utilities

Do you wish to adopt an effective paper based system for your service or maintenance engineers? Call us today for an initial consultation on 01244 955350 or email us at