PRIVACY POLICY
"How I handle your data"
“I will always handle your data under UK GDPR and Data Protection Legislation"
WHAT IS THE GDPR (GENERAL DATA PROTECTION REGULATIONS, 2018) AND HOW DOES IT AFFECT ME?
The GDPR replaces the 1998 Data Protection Act to ensure that your personal and sensitive, confidential data is kept private and held securely, being processed in the way that we have agreed. It is there to protect your rights as a consumer of a service that might involve your identifiable data, e.g. your name and address or whether you have a specific condition. It also covers any session records, text messages or emails we might exchange.
HOW LONG WILL YOU HOLD MY INFORMATION FOR?
To ensure NHS/GDPR data regulations are adhered to, all records must be safely retained for the appropriate length of time. Depending on circumstances, this could range from 7 years after a final session or until an individual's 25th (17 at treatment end) birthday before being securely deleted in January the following year.
WHY DO YOU NEED TO RECORD THIS INFORMATION?
I collect information about why you are using the service, a small amount of medical information and a small amount of information about your lifestyle and significant others, (family, friends etc.) alongside brief session notes. This information enables me to provide a high quality service to you, ensuring I am equipped with the knowledge of our previous discussions prior to each session. Your contact details / address and Doctors details will only be used with your explicit consent or under extreme circumstances threatening your safety or the safety of others.WHAT PROVISION IS MADE TO ENSURE MY INFORMATION IS HELD SECURELY?
- Hardcopy documents
Are all stored in a locked cabinet in a locked, private building. - Text messages
My mobile phone is secured with a pin code. - Emails
My email account requires a user name and password. All emails held by me will be deleted when the content is no longer needed, i.e. has been acted upon or therapy has ended. - Email attachments
Any attachments sent by email to you containing personal’ sensitive information would be password protected and the password would be sent to you via text message. - Electronic documents
Any electronic documents e.g. A letter to your GP, or an invoice, are password protected and stored on a password protected computer if they contain personal or sensitive information.
IS WHAT WE DISCUSS KEPT CONFIDENTIAL?
Our conversations remain protected at all times - just between the two of us. To provide you with effective care and make sure I'm properly supported, there may be occasions where elements from our sessions are discussed with my supervisor in a confidential manner without sharing any personal information about you that could identify who we're discussing. Rest assured this is done strictly abiding to GDPR regulations for your safety and privacy.
*supervisors are specially trained hypnotherapists with whom therapists can discuss client issues if they wish but are not obliged to do so. No names or information that would identify a client would be disclosed.
WHAT IF I SEE YOU OUTSIDE OF THE SESSION?
To ensure your confidentiality, if we see each other socially, or outside of our sessions I will not engage in any conversation regarding your therapy. You are welcome to talk with other people about the therapy you are receiving, but I am obligated by GDPR law to ensure that your confidentiality is protected.
WHAT IF I DON’T WANT MY RECORDS TO BE HELD FOR THAT LONG?
Under the GDPR you can make a request in writing to me, for all your records to be deleted. In this case I would contact my insurance company and if they agreed to it, all your paper records would be shredded with a cross shredding machine and any electronic data such as emails or text messages would be permanently deleted from the devices they are stored on. I would have to save the request for deletion that you made but would not save any other data.In the event of the therapist being incapable of continuing with your treatment, e.g. because of illness or death, you will be contacted by a trusted person who will also respect rules of confidentiality. You will then be given the option of being put in touch with another therapist for continuation of your sessions.
WHAT HAPPENS IF YOU, THE THERAPIST, ARE TEMPORARILY INCAPACITATED SO YOU CANNOT KEEP AN APPOINTMENT?
If possible, I will contact you myself, otherwise a trusted relative (spouse) will inform you.
WHAT HAPPENS IF YOU, THE THERAPIST, DIE DURING THE PERIOD OF MY TREATMENT OR ARE UNABLE TO CONTINUE DUE TO SERIOUS ILLNESS?
All client notes would be transferred to another local therapist, who would inform you and give you the option of continuing your therapy with him/her.
WHAT ABOUT PASSING ON INFORMATION TO OTHER HEALTH AND SOCIAL CARE PROFESSIONALS?
With your consent, I may reach out to other healthcare professionals for further insights and guidance on how best to tailor my treatment of you. This might become necessary if it became apparent that additional verification was required or simply because exploring alternative viewpoints could be beneficial in achieving positive outcomes faster.
Exceptions:
In order to safeguard you and the people around you, if you were to disclose that you were going to carry out harm to yourself or someone else, then under my “Duty of Care” I am obligated by law to inform the relevant medical practitioners and police. I would always discuss this with you prior to contacting anyone.
If I was issued with a police warrant or court order for information about you, by law I would also have to provide them with the information.