The General Data Protection Regulation (GDPR)
Any personal data (any information relating to an identified or identifiable individual) provided by you to Kay Lees Counselling and Psychotherapy Service via any means (verbal, written or electronic) will be held and processed in accordance with the General Data Protection Regulation for the purposes for which you have given consent and to provide the services you have requested from Kay Lees Counselling and Psychotherapy Service.
What personal data I collect from you
Why I collect your personal data and how I use it
How I store your personal data
The rare circumstances under which I may disclose to other individuals or organisations
How long your personal data will be stored and when/how it will be disposed of.
Personal Data I collect
When you contact me to enquire about counselling or psychotherapy and if/when you decide to continue with counselling or psychotherapy, contact may be made verbally, by telephone, email or text message. This process may involve providing me with your name, address, telephone number or email address. I may also request information regarding your availability, therapeutic issues/reasons for seeking counselling/psychotherapy and other details which I deem relevant to dealing with your enquiry and the commencement of working with you.
Why I collect your personal data
I use information collected about you for the following reasons:-
To respond to your enquiry/enquiries
To assess your needs and expectations from counselling/psychotherapy
To offer you suitable counselling appointments
To notify you should there be any change to your appointments
How I may share your personal data
Your personal data is confidential and will not be passed to any third party except in the following circumstances.
In compliance with the BACP ethical framework, I attend monthly clinical supervision to ensure safe and ethical practice. Any discussion with my clinical supervisor about my clinical practice remains anonymous at all times and my supervisor is also bound by the BACP ethical framework for clinical practice.
If I were to become aware of any danger of harm to yourself I may need to contact a healthcare professional such as your GP or Mental Health Crisis Team. I would always seek to discuss this with you first.
I am duty bound by the law to contact the police should I become aware of any activity relating to terrorism or serious crime such as money laundering or fraud. Under safeguarding principles, I would have to contact relevant authorities, namely police or social services if I became aware of an issue relating to the imminent danger to another individual or the welfare of a child or vulnerable adult.
How I store your personal data
Once taken, your personal details will be stored securely and separately from any future session notes.
Any hardcopy data (i.e word processed notes, email print-outs) is filed away in a locked filing cabinet.
From the outset, you will be allocated a unique Client Identification Code which relates only to you. This code will be used for the duration of your therapy on any session notes, in my smartphone contacts and email contacts.
* Any emails you send will not be electronically retained. They will either be deleted or printed and placed with your records and then deleted.
Any word processed personal data, including session notes is individually password protected and stored on a password protected external hard drive. The external hard drive is stored in a secure cupboard in a locked room.
Erasing your personal data
All hardcopy data will be destroyed by shredding five years following the cessation of therapy. If you return as a client within five years, the date for shredding of all notes will be recalculated to the date of the end of the most recent session. **
All data stored on the aforementioned external hard drive will be deleted five years following the cessation of therapy. If you return as a client within five years, the date for deletion will be recalculated to the date of the end of the most recent session. **
Contact numbers and any text messages you send will be erased three months following cessation of therapy.
* Deletion of emails: See above.
** Records are kept for five years so that if you decide to return to therapy within this time you and I have a reference for historical reflection
You have the right to request verbally or in writing, details of personal data held about you and the right to request amendment or completion of incorrect or incomplete data. I will aim to comply within 21 days of your request. You also have the right to request that I erase any information held about you. This includes data which is no longer necessary for the original purpose for which it was collected or if you withdraw consent. Some information however, I have a legal obligation to retain. If consent is withdrawn during our work together, the counselling relationship would have to be terminated.