As an online therapist, your well-being is my top priority. One crucial aspect of your therapy is the assurance that your data is safe and protected. In this blog, I want to emphasise my commitment to keeping your information secure while explaining how I adhere to the guidelines set by the Information Commissioner's Office (ICO) and the General Data Protection Regulation (GDPR).
Understanding Data Protection
Data protection is a fundamental component of my therapeutic practice. It ensures that your personal and sensitive information is handled with the utmost care and responsibility. The ICO and GDPR are essential references in this context, serving as guardians of your data rights.
My Commitment to Data Security
Rest assured that I am fully committed to safeguarding your data. My practice employs various security measures to guarantee the confidentiality and integrity of your information. This includes secure storage, strict access control, and robust encryption methods.
The GDPR and Your Rights
The GDPR, or General Data Protection Regulation, plays a significant role in my data protection framework. It outlines your rights regarding your data, which include the right to access, correct, and delete your information. I am dedicated to upholding these rights and ensuring you have control over any data that you share.
How I Safeguard Your Data
To ensure your data remains secure, I have implemented stringent security protocols. Your information is encrypted to prevent unauthorised access, and I maintain strict access control to limit who can view and use your data.
Consent and Transparency
Your consent is essential to me. I obtain your explicit permission before processing any of your data. I also maintain transparency throughout the process, ensuring you are fully informed about how your data will be used.
Data Retention
I only retain your data for as long as necessary. My data retention policies adhere to legal and ethical guidelines, and I dispose of data when it is no longer needed.
Your Role in Data Security
Your active involvement is crucial in maintaining data security. If you have any concerns or preferences regarding your data, please don't hesitate to communicate them. Your comfort and confidence are of utmost importance.
Staying Informed
To stay informed about my data protection practices, you can refer to my privacy policy, which outlines my data handling procedures. Additionally, you can always reach out to me with any questions or concerns related to your data.
Information I collect about you and how I use it
I am registered with the Information Commissioners Office (ICO) and abide by the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (DPA 2018).
Upon starting therapy, basic personal information will be collected for contact and identification reasons. During our therapy meetings, an assessment of your psychological health will be completed, and notes will be taken during sessions. These will include personal and sensitive details about your life. The assessment and notes are used solely for the delivery of a therapy service to you.
Your rights
You have rights relating to the information I hold to verify the accuracy or to ask for them to be supplemented, deleted, updated, or corrected. You have the right to request a copy of the information that I hold about you. If you would like a copy of some or all your personal information, please email or write to me via the contact details stated in this agreement. Information will be provided to you within 30 days.
We want to make sure that your information is accurate and up to date. You may ask me to correct or remove information you think is inaccurate. You have a right to request the transfer of your data to another individual or company.
How long I keep your information for - data retention
Your information is kept for the time necessary to provide the therapy service requested, however outside of this I will hold your details and session notes for a period of 7 years following the end of treatment to comply with legal obligations that are placed upon me by my insurers. In the case of a child under 13 then records will be kept 7 years after they reach the age of majority (18). After this date, all data will be securely deleted.
Sharing of data
There may be times where your information needs to be shared with 3rd parties. I will explicitly ask your consent before doing so, and the data will be sent to 3rd parties securely. If I believe you are at risk to yourself or others or a child or vulnerable person is at risk, I do NOT need your consent to do this.In the event of me being unable to continue to work with you due to my death, the nominated executor of my clinical will (My Clinical Supervisor) will have access to my case load in order to make contact with you to discuss continuing therapy with you or referring you on to another suitable service.
Security of your data
Information will be kept securely and confidentially in line with the data retention policy as stated above.
Lawful basis for processing your information
The lawful basis for my holding and using your information is in relation to the delivery of a contract to you as a health care professional. As an accredited member of BABCP,I operate under a strict code of confidentiality.
If you are not satisfied with the way I am using your information or how I have responded to any request, you have the right to complain to the Information Commissioner’s Office at www.ico.org.uk quoting registration number ZA519265
In conclusion, your trust in my therapy practice is well-founded. I am fully committed to adhering to the highest standards of data protection as outlined by the ICO and GDPR. Your data security is not just a priority; it's my promise. If you have any questions or wish to discuss any data-related matters further, please feel free to get in touch. Your well-being and peace of mind are my primary goals.