DATA PROTECTION STATEMENT & GDPR

I am an accredited practitioner with the British Association for Counselling and Psychotherapy (BACP) and I am bound by their code of ethics. You may be interested to find more about this on their website at http://www.bacp.co.uk/ ethical_framework/.

 My details can be found on the BACP Register (https://www.bacp.co.uk/search/ Register) by searching for me via my name – counsellors have to meet a specified standard to join.

I am registered as a data controller with the ICO (Information Commissioners Office) and I follow their guidelines for storing and handling sensitive data (such as identifiable data and session notes)

In line with Data Protection Act 1998 and General Data Protection Regulations (GDPR) implemented by EU, this statement aims to outline the legitimate interest in obtaining, retaining and processing of your personal and confidential data and obtain your consent to do this.

Your personal data is obtained and shared with me with your consent and within the secure perimeters defined by GDPR, for the purpose of providing the best possible mental health care and treatment available.

I keep certain data so that I can work safely and professionally with you, in line with the guidelines of professional organisations that I belong to: BACP.

 I will not sell your data to 3rd parties or use for it for any unethical reasons.

I may have to share your data if my notes are subpoenaed by a court of law.

If you, or anyone you tell me about, is at harm or risk of harm, I may have to pass this information on to your GP or the police.

You have the right to know what data I hold, why I hold it, and for how long I hold it. You also have the right to know who sees it.

If I discover there has been a data breach of your personal information, that could put you at risk, I will undertake to tell you as soon as possible. I am obliged to inform ICO of this with 72 hours of becoming aware of the breach, where feasible.

 

The data I hold may include:

  • Your name
  • Your telephone number
  • Your email address
  • Your date of birth
  • Your home address
  • Your GP name and contact details
  • Relevant medical information
  • Session notes
  • Payment information
  • Your emails to me and mine to you
  • Your text messages to me and mine to you

Your personal data and assessment is stored in an anonymized and password protected manner. Equally, your client notes are obtained and processed by me are anonymized and secure as required by the GDPR and retained in a secure facility. I will be retaining your data for 7 years after our last contact.

All your data has been and will be treated strictly confidentially and will not be shared with third parties without your consent unless there is immediate concern of harm to self or harm to others as defined by Safeguarding regulations for adults and children, a threat for terrorism or money laundering.

I will need to share some of your data anonymously in Clinical Supervision as required by the regulatory body I am accredited by. This is to allow consultation processes regarding the best possible methods of treatment custom to your circumstances.

You do reserve the right to view, amend if incorrect or erase data in specific circumstances if you wish to do so. There are exemptions in the Act that may allow the data controller to refuse to comply with the subject access request, rectification request and request of erasure. To know more about your rights about your data, please visit www.ico.org.uk/for-the-public/