Therapy and Counselling is a confidential safe space for you as a client. Confidentiality will be discussed in more detail when we meet at the start of first session.
Any contact information you provide before appointments regarding therapy (including the contact form on this site) is not used for any marketing purposes nor provided to any third party for use for marketing purposes. It is only used for house administration purposes such as making appointments, arranging payment, client registration any/or follow up information.
Please contact me about any concerns you may have with regard to the privacy of your information.
Your confidentiality and privacy are very important. From May 2018, under the General Data Protection Regulations, I am required by law to inform you how I keep safe the data you provide me and I how I hold this data. I am also bound by the British Association for Counselling and Psychotherapy’s code of ethics. I will never sell your data to any other individual, company or organisation for any purpose and I am required to gain your explicit permission to store your data in certain ways.
I keep client data provided so that I can work safely and professionally following the BACP Ethical Framework and Guidelines. Under GDPR you have the right to know what client data I hold, why I hold it, and for how long I hold it. The therapy client data that I hold may include:
- Your name and address and date of birth
- Your phone numbers and email addresses
- An emergency contact’s name and phone number (if required)
- Your GP name and contact details
- Relevant medical information
- Session notes
- Payment information
- My emails to you, and yours to me
- GDPR Consent Form
You have the right to view it, and to ask for changes to be made if is it incorrect. When sensitive data is to be destroyed, it will be shredded or deleted with no exceptions.
If I discover there has been a data breach of your personal information I am obligated to let you know. I keep your contact details in paper form in a locked filing cabinet and on my mobile phone which is passcode protected. My professional liability insurer advises I keep your session notes for up to seven years. After this time, they will be shredded. I may delete your data when we have finished our work, unless there is a possibility we will work together again in the future.
Your phone number is held under your name and/or your email address. This is held in case I need to contact you, for example to reschedule a session or in case we agree to work therapeutically via Zoom or Facetime either as a regular arrangement or just occasionally.
EMERGENCY CONTACT DATA (if provided)
I keep this data secured in paper form along with your name and contact details. It is unlikely that I would ever use this information, but I hold it in case I become concerned for your welfare and I cannot get hold of you. I would attempt to inform you that I was about to do this. This is only in exceptional circumstances.
YOUR GP CONTACT DATA
I keep this data securely in paper form along with your name and contact details. You and I may agree together on some reason that I might contact your GP, based on your best interest, for example discussing diagnosis, treatment plan or safety procedures.
I keep this data securely in paper form along with your name and contact details. It may be useful to share certain medical information if:
- Your mental health history or diagnosis may inform my treatment plan to make it more appropriate for you
- There is a risk that a health condition such as seizures, diabetes, pain management etc may impact a session
- You have any allergies that I should be aware of in order to keep you safe
- You take medication which may affect our work
I keep basic ad memoir session notes. These are hand written after your session and kept securely. This include dates and times of your attendance at session and points on important/relevant themes discussed during each session. I may destroy all or part of any notes I do not consider necessary to keep.
I am required by law to retain certain financial information, primarily for tax purposes, and as advised by HMRC this is retained for seven years. Payments you make are recorded by myself and kept securely. Payment by BACS will be processed by my bank using your first named only. Any bank statement showing any identifiable details about you is kept in a locked filing cabinet and shredded after 3 months. If this needs to be submitted for any tax purpose I block out any identifiable details.
When payment is made via BACS your account name (or the name of the person who is paying) and any reference used may show up on my online or paper bank statements. You have the right to discuss alternative payment options with me. Banking transactions may be viewed by employees of the bank, my accountant and HMRC tax officers who will all have their own GDPR policies.
EMAILS/TEXTS (SMS) & THIRD PARTY APS
My phone is passcode protected and is not shared with anyone else. My email account is password protected and not shared. I may delete emails and texts after I have noted their content (for example, emails around scheduling). Any emails that I consider necessary to keep are held securely though I cannot be held responsible for any email/text/whatsapp/facetime/Zoom or skype call/message you choose to send me where 3rd party providers hold responsibility.
If you have any other questions regarding how your therapy client data is used, please discuss this with me or contact me, as the Data Controller firstname.lastname@example.org
Registered with the ICO – Registration number ZA435814