Very little is needed to make
a happy life
MARCUS AURELIUS
DATA PROTECTION (GDPR) & PRIVACY
How do the General Data Protection Regulations, 2018 (GDPR) affect me?
The GDPR replaces the 1998 Data Protection Act. It ensures data which is personal, sensitive and confidential is kept private, held securely and processed in the way you have agreed to.
It protects your rights as a consumer of a service or product that might involve data specifically identifiable to you, such as your name and address or whether you have a specific condition. It also covers any records of sessions, or communications we exchange.
How long will you hold my information for?
As per standard guidelines set out by various professional bodies (e.g. NCPS, BACP) and insurers (e.g. Aviva, AXA, WPA and Vitality) your data will be securely held for seven years after your final session. After this time, any paper documents will be shredded and computer documents deleted.
What if I prefer my records not to be held for that length of time?
Under GDPR you can request, in writing, for all your records to be deleted, paper records shredded and any electronic communications permanently deleted from all devices they are stored on. The only exception is that the request for deletion would need to be saved.
Why do you need to record this information?
As an important part of counselling services, information is collected about you and why you are using the service. Some information about yourself – any medical conditions, background and assessments, along with session notes, enables provision of a high quality service to you. Your contact details / address and doctors details will only be used with your explicit consent.
Lastly, some third party services collect information (where you are not identified) when you visit this website. This provides data on visitor numbers, what country they are from, and how long they spend visiting it.
What do you do to ensure my information is held securely?
Protecting your data is very important. To ensure it is, all:
1. hardcopy documents are stored in a locked cabinet in a locked room
2. emails are protected as the device used requires a user name and password
3. attachments sent by email to you containing any personal information are password protected with the password sent to you via a separate email
4. electronic documents e.g. a letter to your GP, or an invoice, are password protected and stored on a password protected computer if they contain personal or sensitive information.
What about confidentiality?
Everything we talk about during our sessions is strictly confidential between us. The only exception is that elements of our sessions may be discussed with a supervisor who is there to provide additional insight and guidance to the sessions. During these discussions, any details that may identify you are not shared. The supervisor also adheres to the GDPR.
What about other Health and Social Care Professionals
Any contact relating to you with other health care professionals would only be made with your signed consent.
Exceptions
To safeguard you fully and others around you, if you disclosed that you were going to harm yourself or someone else, there is an obligation under law and “Duty of Care” to inform the relevant authorities. Where possible, this would be discussed with you before contacting anyone. If a police warrant or court order was issued for your information, by law this would need to be provided to them.
Information Commissioners Office (ICO)
The Psychotherapy Practice is Registered with ICO. Reg no: ZB656923
