Nutrition Patient Records: Structure, GDPR and Best Practices
The patient file is the heart of your clinical practice. A well-structured file saves you 4 hours per week (information retrieval, report writing, referrer coordination). A poorly maintained file exposes you to real regulatory risks: 92% of complaints filed against dietitians are partly linked to an incomplete or inaccessible file.
1. Key legal requirements
- Retention: Minimum 5 years after last consultation (check your local regulations)
- Data privacy: You are the data controller for patient health data. You must comply with applicable privacy regulations (GDPR in Europe)
- Right of access: Patients can request access to their records within a defined timeframe — your organization must enable this
- Compliant hosting: Health data must be stored on certified secure servers. Google Drive, Dropbox, or OneDrive are NOT compliant for health data
Storing health data on non-certified cloud services is a GDPR violation subject to fines of up to 4% of annual turnover.
2. The ideal patient file structure
Administrative data
Full identity, referring physician, insurance details, dated and signed data processing consent.
Medical and clinical data
Medical history, current medications, allergies, blood tests (with dates), anthropometry with dates.
Nutritional follow-up
Consultation summary per visit, meal plans issued (with dates), dietary survey elements, evolution curves, inter-session notes.
DAISY centralizes the entire patient record in one place: anthropometry, meal plans, reports, curves, messaging, and billing. Certified compliant hosting included in all subscriptions.
3. Frequently asked questions
Can a patient refuse to be in a digital system?
Technically yes, but maintaining a patient file (in any form) is a professional obligation. Most patients accept when you explain the security measures in place.