Life Therapy Practice Privacy Notice
Information for New and Current Therapy Clients of Susi Harris, Counselling Therapist of Life Therapy Practice, as well as for any persons submitting private data using the Enquiry Form on this Life Therapy Practice Website.
General Data Protection Regulations (GDPR) Applicable from 25th May 2018
Under the new GDPR I am required by law to advise you how I keep all third-party data safe when received via this website Enquiry Form, and how the data is kept and processed thereafter. As a Qualified and BACP (British Association for Counselling and Psychotherapy) Registered Counselling Therapist, I work to a code of ethics concerning confidentiality and privacy at all times and in all respects during our means of contact, however so, whether via smartphone, electronically via email, telephone or face to face in or out of the therapy room.
By ticking the consent box on this Enquiry form you agree to these data protection terms for the purposes of your enquiry and thereafter, as a future client or continuing from this point as a current client.
Data Protection and Privacy - The Process
DATA HELD
DATA PRIVACY
I am a registered Data Controller registered on the GDPR (General Data Protection Register) with the ICO (Information Commissioner’s Office) in order to uphold data privacy for individuals.
Therapy client data is held by me confidentially and as necessary, to work professionally and safely with you according to the guidelines of my professional organisations (BACP), including my professional indemnity insurance company. You have the right to know and view, what therapy client data I hold, why I hold it, and for how long I hold it, any occurrences of breach of privacy, when and when data is destroyed (within my professional and insurance requirements and guidelines):
BREAKING CONFIDENTIALITY
If during therapy, I consider that you or others parties (especially children) may be at risk or harm, I would be legally and professionally obliged to break confidentiality to your GP or relevant outside agencies, under my safeguarding and legal responsibilities. I would assess and discuss with you as appropriate (in the case of a client under 18 years, then contact may be made to - Parent/Guardian/Carer and or GP).
In relation to any disclosure of your involvement in any criminal activity, to also include acts of terrorism or money laundering, I reserve the right to break confidentiality.
CLIENT DATA HELD
I am required to keep relevant and related client therapy data for 5 years by my professional liability insurer and afterwards is destroyed.
1. Your name, address, GP surgery, relevant medical/clinical information - paper data.
2. Email address and correspondence via electronic/PC data.
3. Phone numbers and electronic phone data.
4. Diary appointments and payment schedule notes - paper data.
5. Session paper notes.
6. Bank payment information.
7. Shared contact information for Supervisor to hold.
8. Business Data
1. Your name, address, GP surgery, relevant medical/clinical information - paper data.
I keep your name and address in paper form in a locked filing cabinet in a locked home office, separate from coded session notes. These contact details may be used for appointment purposes or sending of invoices or relevant information during the therapy term. A nominated contact and number is requested for me to hold in case of emergency, as are your GP contact details, but not for general contact use, unless you wish me to do so. Medical information and history may be helpful and relevant to our therapeutic work together concerning your mental health history / health risks such as seizures, diabetes etc / impact of medications or allergies etc
2. Email address and correspondence via electronic/PC data.
Your contact with me via my website enquiry link is data protected and managed by Webhealer in accordance with Data Regulations. Your email address is held in my confidentially and privately assigned, password locked and encrypted Gmail account. My computer is not shared, is kept in a locked home office, and is password locked at all times, except if being repaired but the aforementioned password protected accounts cannot be accessed. Addresses and correspondence is deleted once therapy is completed.
3. Phone numbers and electronic phone data.
I keep your phone number and in my mobile phone under your first name only and is locked with a passcode at all times. Appointment texts are deleted immediately once irrelevant. Numbers are deleted once therapy is completed. Please note that texts, (and related applications such as FaceTime, WhatsApp and Messenger which I will only use upon request), do not ensure confidentiality and privacy.
4. Diary appointments and payment schedule notes - paper data.
I keep a hard copy diary which holds appointment and payment information with first names only which I carry to appointments, otherwise is kept in my locked home office.
5. Session paper notes.
No electronic notes are kept by me. Notes may include dates and times of attendance, and brief points (not detailed) from the session.
Client name or other identifying details are kept separately from session notes; only a code is used.
All paper data is kept in a locked filing cabinet in my locked home office and held by me confidentially and as necessary, to work professionally and safely with you according to the guidelines of my professional organisations (BACP), including my professional indemnity insurance company (kept for 5 years and then will be destroyed - see above note).
6. Bank payment information which will show your chosen and applied unidentifiable private bank payment reference / or your name if you choose to disclose this, as it will be connected to the transfer and will be visible on my account. Banking transactions may be viewed by bank employees, my accountant, other financial advisors, and tax officers (HMRC). Please contact your bank to arrange your preference for identity.
7. I attend monthly Supervision to discuss my therapy work to ensure ethical and best practice, receive support and guidance in clinical matters, and to develop my therapeutic work, under the requirements of my professional body. Discussion includes first names of clients only and no identifiable information is disclosed. My clinical supervisor holds data of your first name only and phone number in paper form, kept in their locked filing cabinet (until our client work is finished and is then destroyed). This is in place in accordance with my clinical Will, so you can be contacted should I become incapacitated in any way and unable to inform you.
8. Business Data
I keep a password protected business spreadsheet electronically, showing appointment information, which is coded only and contains no personal client data. As a small business owner, I am required by law to retain certain tax-related financial information for 7 years under HMRC guidelines.
Please contact me via my details below if you would like to discuss any matters relating to data privancy. With thanks - Susi.
Please sign and date below if you consent to the therapy client data GDPR points above. A digital signature (or simply your printed name) is acceptable. (This GDPR regarding therapy client data is subject to regular review and updated as appropriate).
☐ I agree to Susi Harris holding, controlling, processing and storing my data as stated.
SIGNED:
(first and last name )
DATE:
All rights reserved ©Susi Harris 2018. The text contents of this Privacy Policy on my website or Therapy Contract may not be copied or reproduced for publication without my permission in writing.
Susi Harris, FdA, PG Dip. Reg MBACP
Qualified Humanistic Integrative Counsellor
Life Therapy Practice
lifetherapypractice@gmail.com
07496 864388
www.life-therapypractice.com