Data Privacy Policy
May 2018
This information sheet explains why I keep your information, where I keep it, how I keep it safe and what your rights are.
The Basics:
- I keep information about you in order to provide you with a service and to process payments.
- I cannot work with you unless you allow me to keep records.
- I follow the law and the codes of practice set down by the Health and Care Professions Council (HCPC) and the British Psychological Society (BPS).
- I have systems in place to protect your data.
- You are entitled to request a copy of your data free of charge and to have inaccurate information corrected.
- I aspire to the highest data privacy standards. If you have questions, concerns or feedback then please let me know so that I can address them.
- You can complain to the Information Commissioner’s Office (ICO) if you believe that I am acting unlawfully: visit ico.org.uk/concerns or phone 0303 123 1113.
Why I keep information:
My professional registration requires me to keep information about my clients and the work that I do. I cannot offer you services unless you allow me to keep data about you and our work together.
The legal basis:
I have what is known as legitimate interest for keeping data. I am registered with the Information Commissioner’s Office (ICO) to do so. I follow the rules set down by my professional regulator: The Health and Care Professions Council (HCPC) and the British Psychological Society (BPS).
The information that I keep:
I keep personal data e.g. your name, address and phone number. I also keep sensitive data e.g. notes about your sessions, your gender, and social history.
What I do with the information:
I use the data I collect for three reasons:
- To provide you with services.
- For billing and processing payments.
- To help prevent serious harm.
Who I may share personal information with:
I will not normally share your personal information with anyone else. However, there are exceptions to this when the need may arise for liaison with other parties:
- If you are referred by your health insurance provider or otherwise claiming through a health insurance policy to fund therapy, then I will share appointment schedules with that organisation for the purposes of billing. I may also share information with that organisation to provide treatment updates.
In exceptional circumstances we may need to share personal information with relevant authorities:
- When there is need-to-know information for another health provider such as your GP.
- When disclosure is in the public interest, to prevent a miscarriage of justice or where there is a legal duty, for example a Court Order.
- When the information concerns risk of harm to you, or risk of harm to another adult or a child. I would discuss such a proposed disclosure with you unless I felt it could increase the level of risk to you or to someone else.
How long I keep data:
I keep client data throughout the time I work with my clients and in line with professional guidance for 7 years after the work has ended.
Where I keep data:
- On my home computer
- In a paper file
- In my mobile phone
- In my email systems
- My website uses cookies. This helps me to see how many people have visited the site and which pages have been most popular. Importantly, cookies are anonymous and contain no personal data. You can turn cookies off in your website browser if you wish to.
How I keep data safe:
- My paper notes are kept in a locked filing cabinet. I bring them to the clinic for sessions and return them to the cabinet afterwards.
- My mobile phone is encrypted and must be opened with a password each time I use it.
- My computer and email system is secured with a password.
You have the right to:
- Request details of all the information that I keep about you and to receive it within one month at no fee.
- Have information corrected if you consider it to be inaccurate or incomplete.
- Complain if you think that I am acting unlawfully.