Opticians and hearing care: destroying client files
An optician or hearing-care provider looks like an ordinary shop, but processes health data. An eye test, a hearing test, a prescription from the ophthalmologist and the data around a pair of glasses or a hearing aid say something about someone's health. That means a client file partly falls under the stricter rules for special-category personal data. This guide shows, by part, what you keep, when it may go and how to destroy it confidentially.
The quick answer: keep the administration for seven years under the tax retention obligation. Test data such as an eye or hearing test is health data that you treat separately and destroy at a fine level once the purpose has been served. Keep warranty and purchase data until the end of the warranty. Whatever may go is destroyed confidentially, with a certificate.
Why an optician's or hearing-care file contains health data
At an optician or hearing-care provider it is about more than a sale. An eye test, an eye-pressure measurement, a hearing test or a referral from a specialist says something about a customer's health. Such data is special-category personal data, with stricter rules than ordinary customer data. The data around a medical aid, such as a hearing aid at a specific strength or prescription glasses, also belongs in that category.
As a result a client file here is more sensitive than it looks at first glance. The GDPR requires extra protection of health data and storage limitation. Do not keep this data longer than necessary and destroy it so that nothing remains reconstructable.
Retention periods by part
The period differs per type of data. The overview below gives the main line. Count the tax period from the end of the financial year and the other periods from the purchase or the end of aftercare.
| Part | Starting point | Period |
|---|---|---|
| Administration and invoicing | Tax retention obligation | 7 years |
| Eye and hearing tests | Health data | purpose-bound, destroy finely |
| Prescription or specialist referral | Special-category data | as long as needed |
| Warranty and purchase data | Until end of warranty | + tax period |
| Medical-aid data | Aftercare and warranty | purpose-bound |
| Correspondence and drafts | No retention obligation | clear out at once |
Use this as a guideline, not a final legal ruling. When in doubt about a specific file, consult your trade association or data protection officer. The tax side is in the 7-year tax retention obligation.
Treating test data separately
The eye and hearing tests are the most sensitive part of the file. Keep them recognisably separate from ordinary customer and purchase data, give access only to those who need it and destroy them at a fine level once their purpose has been served. That way you avoid the whole file inheriting the longest period of its most sensitive part, and you can clear out the health data specifically.
Also be alert to what you have on paper at the till or the counter. A printout of a test or a prescription left lying around is the same sensitive data as in the file. Include those loose documents in your clearing-out routine.
Warranty, aids and purchase
Around glasses or a hearing aid, warranty and aftercare come into play. As long as the warranty runs or there is aftercare, you have a purpose to keep the data. The purchase itself falls under the seven-year tax retention obligation. Once the warranty has ended and the tax period has expired, the purpose for these parts lapses and they should be cleared out.
So do not automatically treat the data around the aid as something that must be kept for extra years. Tie the period to the warranty and the tax obligation, and clear out as soon as both are past.
How to handle it in 6 steps
- Split the file into administration, test data, warranty and loose documents.
- Treat eye and hearing tests separately and at a fine destruction level.
- Tie warranty data to the end of the warranty and the tax period.
- Clear out loose printouts and prescriptions without a retention obligation confidentially at once.
- Collect what may go in sealed containers, not in the paper bin.
- Have it destroyed confidentially with a certificate and record it in your register.
Destroy confidentially with a certificate
Client files are destroyed confidentially at a fine level, because they contain health data and payment and purchase data. The paper and any data carriers travel sealed and stay that way until destruction, so the chain is closed. An old shop computer or backup with client files belongs with it too.
Afterwards you receive a certificate of destruction with the date, quantity and level. That certificate is your proof under the GDPR that you acted carefully. Record the destruction in your record of processing. We collect within 20 km of Amsterdam with no call-out charge, work nationwide through pooled collection rounds and charge a fixed price per box or roll container. Drop-off on site is not possible; it works by appointment through collection.
Client files to be destroyed?
Tell us what you have and you get a fixed price. We collect it sealed, destroy it at a fine DIN level and you receive a certificate for your GDPR file. No call-out charge within 20 km of Amsterdam.
Common mistakes
- Treating test data as ordinary customer data. An eye or hearing test is health data.
- Keeping the whole file for the same period. Administration, test and warranty have different periods.
- Leaving loose prescriptions lying around. A printout at the counter is sensitive data too.
- Throwing away unshredded. A client file with health data on the street is a reportable data breach.
- Keeping no proof. Without a certificate you cannot demonstrate the destruction.
Frequently asked questions
Are eye and hearing tests health data?
Yes. An eye test, hearing test or eye-pressure measurement says something about someone's health and is therefore special-category personal data. Treat this data separately and destroy it at a fine level as soon as it is no longer needed.
How long does an optician or hearing-care provider keep a client file?
The administration falls under the seven-year tax retention obligation. You keep test data as long as it serves a purpose, such as aftercare or warranty, and clear it out afterwards. Keeping data "just in case" is not a valid ground.
How long do I keep warranty and purchase data?
Until the end of the warranty and the tax period for the purchase. After that the purpose lapses and you clear it out, confidentially and not into the paper bin.
How do I destroy client files in line with the GDPR?
Confidentially and at a fine level, with a certificate of destruction. Paper and data carriers travel sealed and the destruction is recorded in the record of processing.
Conclusion
An optician or hearing-care provider is more than a shop: it is a place where health data is processed. Keep the administration seven years, treat eye and hearing tests separately as special data, tie warranty data to the end of the warranty and clear out loose prescriptions immediately. Whatever may go, have it destroyed confidentially at a fine level, with a certificate as proof. That way you protect your customers' health data and have proof in hand in an audit.
Have client files collected? Request a quote via desnipperaar.nl. Within a few minutes you have a fixed price, including a certificate as proof.