30 Jul GDPR Update
In line with European General Data Protection Regulations, and as a professional who holds personal information about my clients, I am obliged to share the following information regarding how your data is protected:
What information do I hold?
As a counsellor in private practice I collect the following information: client name, address, phone number, email address, date of birth and GP details, as well as general information about medical history, family background and current life challenges.
What I do with your information?
The information you give me when we contract to work together is stored securely as a manual paper record. Only anonymised names and dates of appointments, and payment records are stored securely on my computer, and anonymised phone numbers of current clients are stored on my telephone, which has a security pin/passcode. Paper records are padlocked in a locked filing cabinet, in a locked building. Computer and phone records are password/pin-protected. Your information, including information held on my computer and numbers on my phone, is destroyed three years after our work together has come to an end.
In the event of my death or being unable to work and unable to contact you myself, names and phone numbers of current clients would be shared with a professional executor in line with good practice in the profession. This person would contact you. These details are destroyed at the end of each month in this case.
I will use your phone number, email or address (as we discuss and agree in our 1st session) to contact you regarding appointments and to reply to you if you make contact with me, also to update you of any business shutdown or business disruption. I will never share your data with a third party unless you ask me to, or unless obliged to by a court of law. In this unlikely event I would always inform you first.
Organisations that do not process personal information on a computer are exempt from registering the ICO (Information Commissioners Office). However, after also reviewing the principles of the Data Protection Act (DPA), I can give you assurance that a robust Data Protection process is in place which protects all my clients information.