The General Data Protection Act came into force on May 25th 2018 and as a data controller, in compliance with this, I have updated my policies around how I collect, store, hold, process and destroy your personal information. As a counsellor, I would assure all my existing clients, prospective clients and past clients that ensuring and maintaining client confidentiality has always underpinned my work.
If you become a client I will provide you with a printed copy of this policy for your signature when we go through our working agreement together. I will also ask you to sign a Data Privacy and Consent notice to comply with data privacy law.
I WILL COLLECT THIS INFORMATION FROM YOU WHEN WE BEGIN WORKING TOGETHER
Name (in the case of under 18’s I will also take a parent or guardians name)
Date of birth
Who you reside with
Contact number and permission/refusal to text or leave a voicemail (for under 18’s I will take a parent or guardians contact number too)
Previous history of emotional support
Any relevant health issues and medication
Current emotional difficulties
NB - I also take this information to assess potential clients and sometimes these assessments may not become regular clients. In this case I destroy this information after a month has passed.
Assessment notes, brief session summaries, personal information sheet, signed working agreement will be kept in a locked filing cabinet. Notes are kept separately from your personal information sheet and your assessment is also kept separately to ensure your confidentiality
I keep a paper diary and you will be referred to within this only by your first name. This is stored separately from any other paper-based data.
I use a smartphone for the receipt of client email, client phone calls and client text messages. I do not hold your number in my contacts under your name to maintain your confidentiality. My smartphone is password protected.
My website does not hold onto any of your personal information.
I keep an electronic record of my client load so I can offer each client an individual code for my paper-based records, again to keep this separate. This is kept on my business laptop which is password protected.
SHARING AND PROCESSING INFORMATION
Supervision - I attend supervision with a qualified supervisor. This is to ensure that I am working ethically and professionally and is in line with my professional bodies requirements. In supervision will only refer to you by first name. I am also a qualified supervisor and within this process supervisees will also only refer to clients by first name when discussing their work.
Therapeutic Will – In the event of my demise, I have allocated two colleagues as Therapeutic Executors. One of my executors would contact you to advise you of my death and to offer you immediate support should you feel you may need this. This is also so that I can ensure that all records are destroyed by a qualified counsellor bound by confidentiality therefore maintaining your privacy. My executors are Nicola Parkinson and Rachel Ellis. You can choose to opt out of this when we discuss our working agreement.
Serious risk of harm to self or others – If I feel that there is a serious risk of harm to yourself or to others than I will aim to discuss this with you and to receive your consent if I feel that there may be a need for another party to be involved (such as your GP) If you refuse to give permission for another party to be involved and I still feel that there is a serious risk of harm to yourself or to others (such as under the Terrorism Act ) than I may have to breach your confidentiality.
DELETION OF YOUR DATA
When our work has ended I will shred paper copies of your assessment, personal information sheet and working agreement and delete any emails from you after a month has passed.
I will keep your brief session notes for 6 years in line with my insurers requirements. I will shred your session notes after this time. I will keep a data record of your personal code on my laptop so that I can recognise your notes, I will delete this record when I shred your paper notes.
YOUR DATA RIGHTS
In accordance with GDPR, you have the following rights:
To be informed of the information that I store that relates to you (or your under 18)
To ask to see the information that I hold about you
That I rectify any information that you deem inaccurate, unnecessary or incomplete (if I need to keep a record to comply with legal requirements than I may decline this request)
You may request details of any personal information which I hold about you, if you would like a copy of the information,