Private Practice Websites – are your cookies GDPR friendly?

Do you have a website for your private practice?

If so, you might need to make sure it is GDPR cookie policy compliant.

This is not a nutritional standard but much like produce that is Appellation d’origine contrôlée, it’s bound up in E.U. law.

So, when you’re browsing around on a website, that particular website is likely to have a little bit of techy code which instructs a small file to be downloaded onto your laptop, P.C. or smartphone. This file is called a cookie, and it means that the website can recognise the device it’s on.

Generally speaking, cookies store some information about how that particular person chooses to browse the site, and they remember what you’ve looked at. Cookies link individual devices to a website, which is why, if you have ever borrowed a family member’s laptop, sometimes it doesn’t seem to remember things in the same way as your own laptop would.

In GDPR terms, this makes the device identifiable, and because GDPR is all about data and protecting data, not surprisingly there is a section of GDPR that is all about cookies.

So what does this mean for our private practice websites?

The GDPR regulation wants us to do three things…

We need to be telling people if our website chooses to leave a little cookie trail.

Not all cookies are the same, so we need to state what our cookies are, what they are doing and why they are doing it.

Not everyone likes cookies (seriously), so we need to get permission to leave behind cookies on a person’s device.

The GDPR says that you have to state all of this in a ‘clear and comprehensive manner’. This can represent a bit of a challenge when many of us don’t understand cookies and tech terribly well…

Basically, this means that you need to get consent from the website user, and best practice is not to try to ‘cheat’ this by using implied consent. It’s far better to get explicit consent or opt-in for the different kinds of cookies that your website is using.

Cookies come in different shapes and sizes.

Some cookies are only active while a person is browsing the website (these are known as session cookies), and once you leave the browser, they’ll automatically disappear and be deleted. This also tends to happen if the website is left idle for, say, twenty minutes or more.

Some cookies, however, are a little bit more permanent and they will hang around even when you close that website page. They’ll often collect data about which page you have visited, how long you have hung around on it, and they might also look to see what you have put into your shopping basket if you are on a website where there is e-commerce.
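
The difference between the two kinds shows up in the Set-Cookie header a website sends: a cookie with no Expires or Max-Age attribute is a session cookie, and one with a lifetime is persistent. The following is an added example, not code from this site; the cookie names, values and the ads.example domain are constructed sample data.

```javascript
// Added example: sort cookies into session / persistent by reading Set-Cookie headers.
// All header values here are constructed sample data, not taken from a real site.
const SAMPLE_HEADERS = [
  "PHPSESSID=abc123; Path=/; HttpOnly",        // no lifetime attribute
  "basket=shoes-42; Max-Age=2592000; Path=/",  // 30 days
  "_tracker=xyz; Expires=Wed, 01 Jan 2031 00:00:00 GMT; Domain=.ads.example",
  "old_pref=1; Max-Age=0",                     // asks the browser to delete it
];

function classifyCookie(header, now = new Date()) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  const name = eq === -1 ? pair : pair.slice(0, eq);
  let maxAge = null, expires = null, domain = null;
  for (const attr of attrs) {
    const i = attr.indexOf("=");
    const key = (i === -1 ? attr : attr.slice(0, i)).trim().toLowerCase();
    const value = i === -1 ? "" : attr.slice(i + 1).trim();
    if (key === "max-age" && /^-?\d+$/.test(value)) maxAge = Number(value);
    else if (key === "expires" && !Number.isNaN(Date.parse(value))) expires = new Date(value);
    else if (key === "domain") domain = value;
  }
  // When both are present, Max-Age wins over Expires (RFC 6265).
  let seconds = null;
  if (maxAge !== null) seconds = maxAge;
  else if (expires !== null) seconds = Math.round((expires - now) / 1000);

  // No lifetime at all = session cookie; zero or past lifetime = deletion request.
  const kind = seconds === null ? "session" : seconds <= 0 ? "deleted" : "persistent";
  const days = kind === "persistent" ? Math.round(seconds / 86400) : null;
  return { name, kind, days, domain };
}

function auditCookies(headers, now = new Date()) {
  return headers.map((h) => classifyCookie(h, now));
}

console.table(auditCookies(SAMPLE_HEADERS));
```

The `days` column is the figure a cookie notice would need to state for each persistent cookie, and `domain` shows which site the cookie is scoped to.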

Cookies are harmless.

They can’t infect your MacBook or P.C. with a virus, nor can they take a peek at your holiday photos. They can, however, meander onto your device and feed back info to someone else. This tends to be sites that are trying to get you to part with money, or to come and have a look at something else. Have you ever found that a pair of shoes you didn’t actually buy online mysteriously appears as an advert the next time you are looking at a website that has adverts on it? Yep, the cookies found you.

The first step in getting GDPR compliant is to do a ‘Cookie Audit’ and we will be talking about that next time.

If you are worried about cookies on your website in the meantime, or if you have got any questions about GDPR and would like to discuss getting your GDPR compliance done and dusted, please do not hesitate to contact us here… or phone 07500 834894.

