Privacy policy

The General Data Protection Regulation (GDPR) is concerned with the personal information about you that I collect, store and share.

​

I take the collection and storage of your information very seriously and complies with both the Data Protection Act 1998, and the European General Data Protection Regulations 2018.

​

What information do I collect?

​

As part of the assessment and therapy process, I will collect information from you. This will include details such as names, DOB, address, contact details, school, and GP.  I will also collect information relating to you/ your child’s physical and mental health.  I will take notes during our sessions to help plan our work.

Some of the information I may collect is classified as sensitive personal data.  The reasons for collecting this information are ‘legitimate interest’ and ‘provision of health treatment’. Please see the ICO website for further explanation of these.

​

This information will allow me to provide an assessment/therapy service to you, and to help me ensure the quality of my service.  I will not use your information for marketing purposes or sell it to any third party.

What information will we share?

 

There may be times when I will need to share information with third parties:

1. I may share information with other bodies e.g., your child’s GP, school, or other professionals involved if we both agree that this is appropriate and helpful.  This is to ensure you and your child receive the best possible care.

2. In accordance with British Psychological Society Guidelines, I receive supervision from other registered Clinical Psychologists. These Clinical Psychologists are also bound by regulatory body rules of confidentiality.

3. Any information I hold will be kept confidential. However, there are certain limits to confidentiality, for example, where information is disclosed which causes concern about an individual’s safety or about illegal activities, I have a professional obligation to breach confidentiality and inform the relevant services. I will discuss this with you first unless doing so would increase the risk, but I reserve the right to inform outside agencies as appropriate.

​

How is information stored?

​

I will keep information securely in accordance with ICO guidelines, and have taken a number of precautions to ensure that your data is protected including:

1. All clinical notes and correspondence will be stored in a locked filing cabinet.

2. Electronic information will be stored on a password-protected computer and backed up on an encrypted hard drive which is stored securely.

3. Emails will be stored in a password-protected account in a GDPR compliant email account.

4. I will store your number on my individual mobile phone using only your first name or your child’s Christian name. Text messages will be used primarily to confirm appointments.  Please do not send any sensitive information via text message. Your phone number will be deleted from our mobile on the completion of therapy.

5. I may communicate with you by post, mobile phone or email.  If reports are sent electronically, they will be password protected.

 

What rights do I have?

 

Your rights in relation to the sensitive personal data we hold about you are detailed on the ICO website. If you wish to assert any of these rights, please contact myself in the first instance. I may need to seek guidance from the ICO and/or our professional regulatory body, since some of our professional regulations may supersede or conflict with some of these rights.

​

How long will information be kept for?

​

By law, I am required to keep records securely for a period of 7 years (or for 7 years after a child’s 18th birthday).  Records will then be destroyed by shredding hard copies and deleting electronically stored data and emails. You have the right to request access to the data that we hold on to you free of charge.

​

If you have any further questions or concerns, please contact us or the ICO  https://ico.org.uk/