The General Data Protection Regulation (GDPR) is legislation that comes into effect 25 May 2018. It’s purpose is to clarify how businesses and services collect, store and share information about you. This replaces the Data Protection Act.
This paper sets out what and how I collect, process, share and retain information about my clients..
1.1 General Contact Details
1.2 Administrative Details
1.3 Therapeutic Information (Client Sheets & Notes)
1.4 Email Communication
Your and my emails may be saved in my email folders, although not necessarily all of them are guaranteed. If you require a partial or full set of email communication, please ensure to maintain your own records.
This document confirms that you agree for me to send you emails, messages or telephone calls that are confined to our professional relationship, timings, billing and other usual administrative necessities of working together. If you do not agree, we will need to find a mutually-agreed and mutually-convenient alternative method of contact.
I never share or forward client emails, their details, client email addresses nor email contents from clients to third parties unless there is a legal requirement for me to do so or agreement between you and me.
I never use your contact details for purposes other than for those supportive of our therapeutic alliance. I do not operate marketing mail lists nor do I run a subscription email list.
Please bear in mind that information you might send me (cold calls, cold emails and similar) in advance of our agreed contract to work together falls outside the confidentiality confines of a working relationship. However, I always work to treat all shared information with the utmost respect given that it is possible to do so. See next paragraph.
If I am sent or given information that may suggest forms of harmful activity, I am obliged by law to report this content.
Please note that email communication is not a guaranteed secure mode of information transfer. Bear this in mind if you consider sharing personal details with me by email.
If you wish, we can use an encrypted email service with protonmail.com, a Swiss service. You would need to open an account with them. At the time of writing, a free account is available.
1.5 Video Communication and Electronic/Tape Recording of Conversations
I never record nor store content undertaken by Skype and other similar modes of electronic ‘meetings’ unless by mutual agreement at the time. In return, I insist that no part of any session is recorded by you or your representative either via online software or other recording devices, such as a cassette recorder, smartphone or tablet computer without advance discussion and documented agreement to do so. This holds equally for face-to-face sessions where no recording by any party may take place without express and written permission with both parties to do so.
You are free to take paper notes, as am I.
1.6 My Website and Referring Websites
Cookies are small files saved to the user's computers hard drive that track, save and store information about the user's interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website. Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors.
On your first visit to my website, you will be presented with a pop-up notice that contains full details of each cookie and it’s function on my website, You may un-tick cookie types to disallow setting of that cookie on your computer. However, it may interfere with your ability to process links or website attributes without acceptance of those categories of cookies. I have disabled this pop-up on subsequent page loads. If you wish to see this again, please clear your browser cache and then reload the page and the cookies message will reappear.
2.1 Session Notes
2.1.1 General Contact Details
These are stored within my synchronised Contacts software on my computer(s) and smartphone. These do not contain therapeutic information nor do they identify you as a client. If you wish for me to delete these when we end treatment, I will do so. Earlier deletion may impact on our ability to work together.
2.1.2 Administrative Details
These are stored within my Cloud-based accounting and invoicing software. Your name, address, email address, session dates, fees charged and paid and payment method are recorded. Other than session dates, no therapeutic process information is contained.
If you choose to pay by Paypal, Cheque or Bank Transfer, these details will be stored in relation to the transaction with the banks and Paypal. I do not utilise any other form of payment gateways. Electronic payment processing is directly between you and your bank or you and Paypal should you utilise these methods. I simply receive notice of these payments in my statements. For those who still write cheques, I do record details such as sort code, account and cheque number should I need to follow up paying-in.
If your therapy is being paid by a third party such as part of an Insurance claim, I will need to inform them of your session dates and attendance. If an external agency is involved, it will be necessary to discuss and agree with you any information I might be required to provide to the third party. As a matter of course, where possible, I would go through any information to be shared with you before sending out. This gives you the opportunity to point out any misunderstanding or what you might consider errors. These will either be corrected or a note made as to what you deem inaccurate.
2.1.3 Therapeutic Information
This is stored on paper.
18.104.22.168 Client Profile Sheet
This is stored in a lockable cabinet. You may request that I destroy this. However, bear in mind that this may interfere with our ability to continue working together.
22.214.171.124 Session Notes
Session Notes are anonymised via a client code to connect you to these notes. These are stored in a lockable filing cabinet separate to General Contact Details (2.1.1), Administrative Details (2.1.2), Client Profile Sheet (first part of 2.1.3) and Email Communication (2.1.4 below). If we utilise online communication software, there may be some crossover.
Emails are stored with the associated email server and my local client software.
Emails are usually backed up via Cloud email facilities. This includes attachments you have sent to me which I may also save locally. Encrypted Protonmail emails and any attachments are stored on the Protonmail webmail server.
I do not operate marketing mailing lists, nor operate email subscriptions.
2.1.5 My Website
Please view details of information on cookies (see 1.6.1 above).
Your current rights are best found on the Information Commissioner's Office website: ICO Rights
Please bear in mind that some of these requests may impact upon our ability to work together. For example, you may request that I delete all contact data for you, but I would not be able to work with you without any means of contact.