Our Privacy Statement
What is the General Data Protection Regulations, 2018 (GDPR) and how does it affect me?
The GDPR replaces the 1998 Data Protection Act to ensure your personal and sensitive, confidential data is kept private and held securely, being processed in the way that you have agreed to. It is there to protect your rights as a consumer of a service or product that might involve your identifiable data, e.g. your name and address or whether you have a specific condition. It also covers any session records, text messages or emails we exchange. For more information you can read the policy documents accessible via your welcome information pack.
How long will you hold my information for?
I am regulated by the British Association for Counselling and Psychotherapy. In accordance with information provided by my professional body and professional insurance provider, I must hold your data for 8 years after your final session and then they will destroyed. This is in line with NHS regulations for holding data.
Why do you need to record this information?
I collect information about; why you are using the service, a small amount of medical information and a small amount of information about your important others, alongside brief session notes. This information enables me to provide a high quality service to you, ensuring I am equipped with the knowledge of our previous discussions prior to each session. Your contact details / address will only be used with your explicit consent.
What lengths are made to ensure my information is held securely?
Hardcopy documents – Are all stored in a locked cabinet in a locked room.
Text messages – My work phone is secured with a pin code.
Emails – My email account requires a user name and password.
Email attachments – Any attachments sent by email to you containing your personal information would be password protected and the password would be sent to you via text message.
Electronic documents – Any electronic documents are stored on a password protected computer.
Is what we discuss kept confidential?
I am bound by the ethics of BACP regarding confidentiality and the content of our sessions is totally confidential between you and me. The ethical framework of BACP allows this confidentiality to be broken only on grounds of safety i.e. where harm to yourself is disclosed, harm to someone is disclosed, child protection issues and serious crime. Elements of our sessions may be discussed, totally anonymously with my supervisor who also adheres to BACP ethical framework and GDPR.