This document explains how (I), My Online Psychotherapist adheres to the GPDR with regards to what data I hold and how and why I process, store, and dispose of data.
WHAT DATA DO I COLLECT?
Clients’ personal details (name, DOB).
Contact details (address, contact number, email address, permission to contact via these).
GP, next of kin and contact number and dependants name, DOB and GP.
Client’s private therapeutic notes including background information, therapy history, medical conditions relevant to therapy, prescribed medication, summary of sessions, psychological difficulties.
HOW DO I STORE YOUR PERSONAL INFORMATION?
Paper: written notes. All client’s details are stored in a locked case.
Email/SMS: Your email address and correspondence will be stored in my email account by nature of you contacting me. Your telephone number may be stored in my SMS should we exchange messages in this way.
Electronic correspondence will also be held by the corresponding app (SMS, Email).
Website: None of your personal information is stored on my website.
Therapy assessment and notes: The written notes will be shredded once entered into a folder on a password protected computer.
Paper: Personal information sheet, GPDR agreement, therapy contract agreement, assessment and brief session notes (prior to shredding).
Electronic: Contact name and telephone number, email/ SMS, therapy assessment and notes (once added to electronic file).
HOW DO I SHARE/PROCESS YOUR PERSONAL INFORMATION?
Under no circumstances will I share any personal details with third party unless legally obliged to do so. I seek regular clinical supervision with a qualified therapist to monitor my clinical practice. In order to protect your privacy, the therapist will not know you personally nor professionally. I will refer to you by your initials and I may refer to your information verbally when it’s helpful to my professional practice.
If your health is at risk (provided I have your consent) I may share your contact information with an emergency healthcare service (e.g. mental health crisis team, your GP).
If I have become aware of your intent to cause harm to yourself, another person or organisation (e.g. terrorism), the law may require that I inform an authority without seeking your permission. In such a situation, the law may require that I share your personal information without your knowledge.
Erasing your information:
When we have finished working together, I will erase your personal information and SMS/Email within one month.
I will store your assessment details and therapeutic notes for up to 7 years from our last session. This is so that I have a reference of our work in situations such as you returning to therapy in the future. After this time has passed, I will delete the information.
You have the following rights:
To be informed what information I hold (i.e. this document)
To see the information I hold about you. You make a request to access this in writing to me
To rectify any inaccurate or incomplete personal information.
To withdraw consent to me using your personal information.
To request your personal information be erased when it is no longer necessary to hold it.
All the above complies with the General Data Protection Regulation using contract as a lawful basis for processing the data we hold.