Physiotherapy client records destruction after the WGBO period: how to do it
Do you have boxes full of old records in your physiotherapy practice whose retention period has passed? Then a physiotherapy client record may not simply go in the paper bin. A patient record falls under the WGBO, contains special category data and must be destroyed demonstrably. This article is not about the period itself, but about the practical step after it: how you have expired paper and electronic records destroyed safely, at the right level, with a certificate as proof.
The retention rules themselves are described in detail in our sector guide physiotherapists, WGBO and file destruction. Do you already know those periods and now really want to clear out? Then below you read exactly what has to go, how the collection works and how you record everything neatly.
Why a physio record holds special category data
A physiotherapy patient record is not an ordinary customer file. It contains an anamnesis, a diagnosis, a treatment plan and progress notes about a person's health. Those are data about someone's health, and they fall under the GDPR in the category of special category data, for which extra protection applies. On top of that there is often the citizen service number, which may only be used in healthcare. The combination of that number with medical information makes such a record extra sensitive. If it ends up on the street, the damage to the data subject is large. Think of information about injuries, operations or chronic complaints that concerns no one else. That is precisely why strict requirements apply to both keeping and destroying the record. Destruction is not a loose end you rush through, but a full processing activity that must be as careful as keeping the record itself.
When a physiotherapy record may be destroyed
Destruction starts with knowing whether it is allowed yet. For a physiotherapy client record the WGBO period of 20 years applies, counted from the last treatment. For minor patients that period only runs from their 18th birthday. Only once the period has passed may you destroy the record. Throwing it away earlier conflicts with the WGBO. We explain this in detail in WGBO 20 years for patient files. So always check the date of the last action per record first. That is the anchor point, not the year the record was opened.
What exactly has to go from the record
Once the period is over, you can destroy the complete client record. In practice this means paper in all kinds of forms:
- Anamnesis forms and intake sheets.
- Examination findings and treatment plans.
- Progress notes per consultation.
- Referral letters from the GP and final reports to the referrer.
- Signed consent forms.
- Printouts from the electronic record that ended up in the folders.
Note one exception. The billing records sent to the health insurer have their own fiscal retention period. Keep those documents separate if they are not yet at their period. A handy overview is in the GDPR retention periods cheatsheet.
Paper client records versus the electronic record
Most practices now work with an electronic physiotherapy client record, often in software such as Intramed, FysioRoadmap or SpotOnMedics. Yet the paper does not disappear with it. Many practices still have an archive from before digitisation, with records only now reaching their 20 years. In addition, referral letters still regularly arrive on paper and consent forms are sometimes signed by hand. So you almost always deal with two flows: a digital one and a paper one. Both require their own approach, but they can be taken away in the same clear-out.
The electronic record and old data carriers
For the electronic physiotherapy client record, the software provider deletes the record from the active system after the period. But you are not finished with that. Data often lives on in places you quickly forget:
- Old back-ups on single hard drives or USB sticks.
- A discarded practice server or NAS.
- An old computer that once ran the electronic record.
As long as those data carriers lie in a drawer, the patient data is still on them. Wiping alone is not enough, because deleted files are often recoverable. For real certainty you have the carrier physically destroyed. The practical advantage is that this can be in the same collection as the paper.
The destruction process: sealed collection
Destroying physiotherapy records starts with a safe collection. You gather the expired records in boxes or a sealed roll container. We collect those sealed at your practice. The chain from collection to destruction stays closed, so there is no moment where a record can go missing. That closed chain is called the chain of custody and is extra important in healthcare, because a lost patient record is immediately a data breach. There is deliberately no drop-off location where you can hand in records. Everything is collected from you, so the sensitive documents never end up unattended on a counter or in a car. You choose the day that suits you, for example a quiet moment between treatments. The boxes do not have to be sorted by name or year in advance, because the whole contents go through the shredder anyway. So it saves you time: you gather, we do the rest.
The right level: DIN P-5 for medical paper
Not every shredding is equal. The DIN 66399 standard sets out how finely paper must be destroyed. For a physio record with an ID number and health data, DIN P-5 is the appropriate level.
| Level | Particle size | Suitable for |
|---|---|---|
| P-4 | Small particles | Documents with ordinary personal data |
| P-5 | Very small particles | ID numbers, medical and special data |
| P-6 | Micro particles | Strictly confidential data |
At P-5 the particles are so small that a record can practically no longer be reconstructed. That suits the sensitivity of health data. The level also goes on your certificate, so at an inspection you can show that destruction was appropriate to the sensitivity of healthcare data.
Data carriers in the same collection
Paper and data carriers do not have to be arranged separately. Old hard drives, USB sticks and a discarded server you hand over in the same collection as the paper records. The paper goes to P-5, the data carriers are physically destroyed at the matching level. The serial numbers of the carriers are noted, so the proof is traceable to the specific device. So you cover the whole flow of patient data in one go, digital and on paper, with conclusive proof for both. That is also convenient with the transfer or closure of a practice. Whoever sells a practice transfers the active records to the buyer, but is often left with old data carriers and expired paper folders that no one needs anymore. Those you can then have destroyed neatly in one go, without a forgotten drive of health data being left behind.
The certificate of destruction
After destruction you receive a certificate of destruction. It states the date, the quantity and the DIN level applied, and for data carriers the serial numbers. That certificate is your proof that the records were actually destroyed. It also shows they were not left lying around unattended, which is worth a lot in a data breach or a patient complaint. Keep it digitally in a fixed place in your GDPR file, so you find it within a few minutes. Do not make finding it dependent on a person, but on a fixed folder with a recognisable name and date. A certificate you cannot find does not count in practice. Keep the proof for at least five years.
Demonstrability for the GDPR and a professional audit
Through the accountability principle, the GDPR asks not only that you destroy in time, but also that you can show it. The certificate is your most important piece of evidence here. In addition, note the destruction in your record of processing, with the WGBO period per category and a reference to the certificate. If there is an inspection by the data protection authority or a professional body audit, you show in a few minutes that you close your archive carefully. Do not confuse the patient record with the personnel file of your staff, which has its own period. The difference is in HR file versus patient file.
What destroying physio records costs
You pay a fixed price in advance, no surprises afterwards. Settlement is per box or per roll container, from about 30 euro for the first box. The certificate is included in that price. Data carriers are settled per item, including registration of the serial numbers. The price depends mainly on the volume: the number of boxes, whether a roll container is needed and how many data carriers come along. A full explanation of the cost build-up is in archive destruction cost. Because you know the price in advance, you can plan the clear-out neatly without budget risk. For an average practice that clears the expired year once a year, it usually stays at a few boxes. Whoever empties a large backlog archive at once does well to request a roll container. In both cases the amount you hear in advance is the amount you pay.
Amsterdam without call-out fees and nationwide
If your practice is within 20 km of Amsterdam, we charge no call-out fee. We collect at your practice on the agreed day, whether that is in the centre or in a health centre on the edge of the city. If you are further away, we work nationwide via pooled routes. By combining collections in a region, the price stays fixed and sharp outside Amsterdam too. Are you in a health centre together with a GP, dietitian or exercise therapist? Then a joint collection run can be logistically handy. Each care provider remains the controller and gets its own certificate. In all cases the same method applies: sealed collection, destruction at P-5 and a certificate afterwards. So you do not have to bring records anywhere.
Common mistakes
- Destroying too early. Throwing away a record before the 20 years are over breaches the WGBO.
- Too low a level. For ID numbers and medical data P-5 is needed, not the ordinary office shred.
- Forgetting the data carriers. The paper goes, but the old back-up stays in a drawer.
- Not asking for a certificate. Without proof you can show nothing at an audit.
- Loose sheets in the open paper bin. Unshredded care paper with the waste paper is a data breach in the making.
Step by step: how to clear out expired records
- Inventory which records have a last action more than 20 years ago.
- Keep separate what still has its own period, such as billing records.
- Gather the expired records in boxes and put the old data carriers with them.
- Plan the collection and have everything taken away sealed.
- Keep the certificate and note the destruction in your record of processing.
A real-world example
A physiotherapy practice in Amsterdam-West reviews its old archive and finds four moving boxes with records of patients last treated before 2006. With them lies an old external hard drive holding a back-up of the electronic record from those years. The practice checks the last treatment date per folder, puts the expired records in the boxes and places the drive on top. We collect everything sealed, destroy the paper at P-5 and the drive physically, with the serial number on the receipt. A week later, the record of processing holds a note with the certificate number. At the next professional audit the practice shows in two minutes that the archive was closed demonstrably and correctly.
Have physiotherapy records destroyed with a certificate?
Tell us how many boxes and any data carriers you have and you get a fixed price. We collect sealed at your practice, destroy at DIN P-5 and you receive a certificate for your GDPR file. No call-out fee within 20 km of Amsterdam.
Request a quoteFrequently asked questions
When may I destroy a physiotherapy client record?
Only once the WGBO period of 20 years after the last treatment has passed. For minors that period counts from their 18th birthday. Check the last treatment date per record before you hand anything over.
At what DIN level must a physio record be destroyed?
DIN P-5 is appropriate for medical records with an ID number and special category data. The particles are then so small that reconstruction is practically impossible.
How do I destroy an electronic physiotherapy client record?
The electronic record is deleted at the software provider after the period. Old back-ups on single hard drives, USB sticks or servers you hand over for physical destruction, with the serial numbers on the certificate.
Do I receive proof of destruction?
Yes. You receive a certificate of destruction with the date, quantity and DIN level. You keep it in your GDPR file as proof for an inspection or a professional audit.
What does destroying physiotherapy records cost?
You pay a fixed price per box or roll container, from about 30 euro for the first box, certificate included. Within 20 km of Amsterdam we charge no call-out fee.
Do you collect the records?
Yes. We collect sealed at your practice. There is no drop-off location. Outside the Amsterdam region we work nationwide via pooled routes at a fixed price agreed in advance.
Conclusion
You destroy a physiotherapy client record only once the WGBO period of 20 years has passed. After that, what mainly counts is that you do it carefully and demonstrably. Have the paper destroyed at DIN P-5, hand over old data carriers with the electronic record in the same collection and keep the certificate in your GDPR file. With a sealed collection at your practice, a fixed price in advance and conclusive proof, you close your archive neatly. That way you meet the WGBO and the GDPR, and at an audit or inspection you are never empty-handed.
Clearing out the practice archive? Request a quote via desnipperaar.nl or first read the retention rules in physiotherapists, WGBO and file destruction. You receive a certificate as proof.
More from our knowledge base: Opticians and hearing care: destroying client files.