Here is some information about the data I hold, store and reasons for keeping
I process your personal data in order to provide you with therapy and for no other purpose.
Client form: The form includes your name, address, email, phone number, GP details and emergency contact; I hold this data in the unlikely event that I need to break confidentiality (please see more information on confidentiality below ). This form is sent and received via email and is therefore stored on my email history; it is also stored electronically in a secure folder in my laptop.
Session Notes: I may make brief factual paper notes on sessions which are stored separately from your contact details and do not contain your name. Please ask, if at any time, you wish to see your session notes; this access will be arranged within 30 days.
Your invoices: each session is invoiced in advance and sent to you electronically via email which has your name, the date of the session(s) and the cost of the session(s); these are stored electronically on my email history and stored in a secure folder on my laptop to serve as payment and attendance records.
Email communication: we may exchange non-confidential communication via email such as arranging sessions; this is stored electronically on my email history.
Phone communication: I may have your contact number stored on my phone and we may have exchanged non-confidential communication such as arranging sessions via text. We may also have spoken on the phone briefly prior to meeting in a phone consultation which may have contained confidential verbal information. I make sure when having brief phone consultations that the environment in which I conduct them is confidential.
I am the only person who has access to my email, which is password protected. However email is vulnerable to human error and viruses. Emails are also retained on internet provider logs so are not 100% confidential. If you prefer a different method of data exchange please let me know. If you wish me to delete my email history pertaining to your data please let me know. I am also the only person who has access to my phone which is password protected. My phone data not kept electronically on a cloud. However phones can be stolen or lost. If you wish me to delete your data from my phone please let me know.
My retention policy for session notes is to hold them for the duration of our therapeutic contract plus 1 year. If you require me to destroy your notes before then, I will give your request reasonable consideration.
If there is a data breach I will contain the breach and then assess the potential consequences for clients, based on how serious these are, and how likely they are to happen. If it is likely that there will be a risk of emotional distress, physical or material damage I will notify you within 72 hours of discovering the breach.
Supervision: I consult verbally about my client work with my supervisor to support my work with clients but I do not share notes, names or other identifying details. In the event that serious harm to yourself or another is likely I will break confidentiality and alert a third party who can help prevent harm. I will inform you in advance if it is possible to do so. I will not otherwise share records with any other third party without your permission unless ordered to so by a court of law.
Professional will arrangements: If I suddenly became incapacitated or otherwise unable to contact you, your name and contact details will be made available to a colleague who will contact you to inform you of the circumstances and offer support. The colleague will also be bound by confidentiality. Should my absence be permanent they will also ensure that all personal data relating to you will be deleted.
Skype: If we conduct any sessions via Skype, this has a limitation in terms of confidentiality. If you have any concerns about this please let me know and we can discuss alternative arrangements.