Your Privacy and Data
As from 25th May 2018 the General Data Protection Regulation (GDPR) supersedes the 1998 Data Protection Act and offers greater transparency about the collection and use of personal data.
As a result I need to make you aware of the following and gain your consent to it when you see me as a client:
1. The information you discuss with me is confidential within certain limits. Confidentiality will be maintained within the codes of ethics and legal requirements. Confidentiality does not apply where it would mean that I, as your therapist, might break the law, or where withholding information means I would breach the codes of ethics. Confidentiality may be breached if I consider there is a risk you may harm yourself or others. In such exceptional circumstances, where there is concern for your well-being or that of others, it may be necessary to seek help outside the therapeutic relationship. In such an event wherever possible I will ask for your consent to share this information. There are some occasions (for example if you have been referred by an insurance company or rehabilitation organisation,) where I am routinely required to share session notes or reports with them. This will be made explicit at the point of referral and when arranging the first session and will be part of the contract between you, your insurer and myself.
2. As part of my codes of practice I am required to carry out continuing professional development, and to engage in regular on-going clinical supervision. This is to ensure an ethical and professional service to clients. I may therefore discuss your case in supervision. However, in this event I would not reveal your full name, usually using initials only, and the supervisor is equally bound by a duty of confidentiality.
3. As part of my practice I will ask you for basic information about your name, address, contact details and GP surgery. I will also take and keep notes regarding sessions. I keep my notes in digital form in a secure password protected system. In addition we will sometimes make paper-based notes in sessions. In particular I usually take detailed written notes of the assessment and draw out diagrams of psychological processes. I will scan and keep these electronically as well. I keep my records for a period of twelve years in case they are needed for any reason. I will not use your contact details for any marketing purposes but may approach you for feedback on the therapy process once following discharge.
4. It is standard practice for me to communicate with you through email or text. I use an encrypted and dedicated email service (gmail). It is your responsibility to ensure that the email is equally secure at your end. If you are sending sensitive information, it is your responsibility to ensure the communication is secure at your end. This could be done, for example by you using an encrypted email service or by password-protecting a WORD or PAGES document (or both). Wherever possible, I prefer to share sensitive information by letter and post rather than email.
5. In addition to being informed of the above under the new regulation you have certain other rights. These include:
Right of access
You have the right to see the notes I make about you. This can be done informally in which case we can look through notes at the next session. You can also formally write to me to request to see your notes in which case I am obliged to supply the information within one month.
Right of rectification
You have the right to have your personal data rectified if it is inaccurate or incomplete.
Right to erasure
You have the right to have your personal information erased. Note that this is not an absolute right if, for example, if it is likely to be required for legal purposes.
Right to data portability
The right to data portability allows you to obtain and reuse your personal data for your own purposes for external organisations. My preference is to supply you with a paper copy of your data for you to use as you see fit, but if absolutely necessary I can share information to other agencies, with your permission, by password protected email.
Right to withdraw consent.
You have the right to withdraw consent to the above at any time