In May 2018 the Data Protection Act was replaced by the General Data Protection Regulations (GDPR). The changes to the Data Protection Act are aimed at ensuring that your personal, confidential and sometimes sensitive data, is held privately and securely.

Your written records will be stored securely for 8 years after the last interaction as an adult client and up to the age of 25 for a child under 16 when last seen or 26yrs for 17-18 year old.

Due to the sensitive nature of what we do, my insurance company does not allow the deletion of data before the minimum time for holding said data.

In line with GDPR, yes, within 30 days.

I collect basic information about you when you complete the registration booking form. Including your name/dob/address/email/contact phone number and your doctor’s information. In the consultation I collect a small amount of information on why you are using the service, your relevant medical history, family history and some lifestyle information. This information ensures that I can create an individual treatment plans that works for you. Your contact details will only be used in connection with your treatment and with your consent. Doctors details will only be used with your explicit consent.

Your information is held securely.

Text messages
My mobile phone is secured with a pin code.

Emails
My email account requires a username and password. All emails held by me will be deleted when the content is no longer needed, i.e. has been acted upon or therapy has ended.

Email attachments
Any attachments sent by email to you containing personal ‘sensitive information would be password protected and the password would be sent to you via text message.

Electronic documents
Any electronic documents e.g. A letter to your GP, or an invoice, are password protected and stored on a password protected computer if they contain personal or sensitive information.

Yes, unless I need support from my supervisor, or I believe that you are about to harm yourself of another.

To ensure your confidentiality, if we see each other socially, or outside of our sessions I will not engage in any conversation regarding your therapy. You are welcome to talk with other people about the therapy you are receiving, but I am obligated by GDPR law to ensure that your confidentiality is protected.

Everything we talk about during our sessions is strictly confidential between you and me. To ensure I am doing my job effectively and that I have the right support, I may discuss elements of our sessions with my supervisor. During these discussions I do not disclose any details that may identify you to my supervisor, and my supervisor also adheres to the GDPR.

Any contact, relating to you, with other health care professionals eg your GP would only be made with your explicit signed consent. E.g. If I were to write to your GP to notify them of your treatment with me.

Exceptions:

If you expressed an intention to carry out harm to yourself or someone else, then under my “Duty of Care” I am obligated by law to inform the relevant authorities. This is to safeguard you and the people around you. I would always aim to discuss this with you prior to contacting anyone.

If I was issued with a police warrant or court order for your information, by law I would also have to provide them with your information.

Our website may contain links to other sites (Facebook, Twitter, PayPal etc). Our Privacy Policy does not apply to other websites. Thus, we are advising you to consult the respective Privacy Policies of these other sites for more detailed information. It may include their practices and instructions.

I am the data controller and I am registered with ICO.