Legislation (POPIA & PAIA) and Confidentiality:

In terms of the Protection of Personal Information (POPI) Act, Dr Purdy and all employees are required to treat all personal information concerning all patients, including their health information, as private and confidential. The obligation of confidentiality goes beyond undertaking not to divulge confidential information; it includes a responsibility to make sure that all records containing patient information are kept securely. Your personal information is stored, used, protected and disposed of, in accordance with applicable laws and guidelines.


The Promotion of Access to Information Act (PAIA) is legislation in the Republic of South Africa allowing access to any information held by the State, and any information held by private bodies that is required for the exercise and protection of any rights.

In seeking medical treatment with Dr Purdy, personal information is collected for the specific purpose of providing medical services: confirming benefits and/or obtaining authorization from medical aids; phone/email/address details are used to communicate account balances with you (or main member if you have medical aid). If you have been referred, Dr Purdy may receive your name/scheme details, which are only retained if you are treated by Dr Purdy. 

  • As the patient (who is not a main member) the cellphone number you enter on the Patient Information Form/File (or that was given to the us when your GP made the appointment on your behalf) is used for SMS communications from practice staff to send reminders for hospital admissions and/or appointments. Once you have been seen by Dr Purdy and your details are captured on our system, your cellphone number will be used by Dr Purdy for SMS communications for results/repeat tests.

  • The main member of a medical scheme is sent SMS communications regarding accounts and billing enquiries.

  • Private patients (uninsured) will receive SMS communications for reminders (hospital admissions and/or appointments) and for accounts and billing enquiries. 

  • Email addresses you have given us will also be used to communicate with you. Since postal delivery is problematic, where possible we do require an email address on file.

Employees with access to patient’s personal details sign a confidentiality clause in their contract to protect your personal information. Paper-based files are stored in lockable filing cabinets. Digital information stored by our practice management software is protected by appropriate security standards and access to this information via the browser is password-protected. All computers at Dr Purdy’s rooms are also password protected.


Physical healthcare records belong to the Practice that creates them. Patients have rights concerning the information contained in their records,  but do not own the actual documents or electronic files. Retention (and disposal) of medical records by Dr Purdy follow guidelines contained in the HPCSA’s “Guidelines on the Keeping of Patient Records” and those outlined in the POPI Act. The PAI Act makes provision for patients to access these records -appropriate forms and fees are available for download here.

A copy of the Practice's POPIA Manual is located at our Reception Desk, Midvaal Private Hospital.