I take your privacy seriously and I am fully committed to ensuring that your privacy is protected. I hope this policy is everything you need to know about how I use and protect any information that you give me, from when you first make an enquiry, through until after therapy or coaching comes to a completion.
THIRD PARTY PRIVATE POLICY STATEMENT
Your information does not get shared with anyone else within my private practice, as I manage my practice myself, and operate my business as an independent ''sole trader''.
From the moment you get in touch with me I will never try to obtain information about you from any third party without your knowledge and consent.
I will never share your information with any third party - unless you have explicitly told me that you would like me to, in order to help you get good support or healthcare.
There are only three lawful exceptions where I do not need your consent to share information to a third party: child protection, court order and risk to life. I'll explain this more below.
THE LAWFUL BASIS FOR PROCESSING YOUR DATA
I only use information about you in ways that are core or legally essential for me to fulfil my role as an effective, safe, ethical coaching to you.
I never keep or use your information in non-essential ways. For example: as a matter of principle, I do not have any social media linked to my website and I do not send newsletters or marketing campaigns.
Under GDPR regulations 2018, I am what is known as the 'data controller' and also the 'data processor', and I have specific responsibilities and requirements, accompanying these roles to protect your privacy.
DISCLAIMER: YOUR ROLE IN PROTECTING YOUR OWN PRIVATE POLICY
You acknowledge that the privacy of your communications and personal information can never be completely guaranteed when it is being transmitted over the internet.
You acknowledge and agree that you share information via the internet at your own risk.
You agree to take responsibility for your own role in safeguarding your data privacy in the email address you choose to use and whether or not you choose to password protect information you send to me.
My policy is to request that clients endeavour to take the following actions wherever possible:
To email me from an email address that does not have your full name in it
To only include your first name in any documents you send me
To password protect documents that you may send me
HOW DO I OBTAIN INFORMATION FROM YOU?
I obtain information from:
What you choose to share with me when you first contact me via my website's contact form, or when you phone or email me to make an enquiry.
What you choose to share with me - information you send me by email and over the phone (text or voice message)
Sessions we have together in person face to face, by phone and online (Skype or zoom etc)
Your health insurance company or healthcare provider, if relevant, and with your consent
If we agree to work together, I will of course want to get to know you, your needs, aims and life context so we can work really well together, with a good shared understanding.
YOUR PRIVACY WHEN YOU FIRST GET IN YOUCH
I'll only keep your contact information if I have the capacity to respond and be of help to you.
MY WEBSITE’S CONTACT FORM
If you get in touch via my useful contact form, you've got options to choose what information you wish to share with me.
Your information is not stored anywhere on my website platform - I've disabled that option, so your contact form goes directly through to me via email.
ABOUT YOUR INITIAL FREE PHONE CONSULTATON
If you make initial contact with me over the phone, or choose a free telephone consultation, you can choose how much you would like to share with me at this stage. The purpose of your initial free telephone consultation is about the practicalities: to find out if our schedules are mutually workable, for you to ask any questions about my approach, and for me to provide you with some information about the ways in which I could assist. However having a simple overview of your current issues, and what you want from sessions, can be helpful to ascertain if I am best placed to work with you.
YOUR PRIVACY IN OUR TEAMWORK TOGETHER
Emailing each other
After we have decided on an initial appointment I will usually send you a confirmation email detailing the venue, fee and other relevant practicalities.
Skype, facetime and Zoom services have updated their privacy measures to ensure they are fully compliant with GDPR regulations 2018.
You're welcome to install Zoom as an option for online sessions, if you wish to keep our meetings entirely separate from your Skype or Facetime account.
Sessions where we meet in person
The rooms I use on a weekly basis are dedicated therapy rooms, situated within mixed office spaces or my home, and are therefore very discreet.
I've sound tested all of the rooms that I use, and it is not possible to make out the words people are saying from outside the room, if indeed any conversation can be heard at all.
Obtaining information from third parties
If your therapy is being funded via a health insurance company, your insurance company may provide me with information, but this would never be without your prior knowledge and consent, in accordance with your agreed contract with them. Insurance companies typically encrypt or password protect sensitive information that they share.
On occasion, with your prior knowledge and consent, I may have reason to ask to obtain information from other healthcare providers involved in your care, for example if you are working with a psychologist, psychiatrist or another therapist. This will only be to ensure I am providing the most appropriate, safe, responsive and effective therapy for your needs.
If you're working with another healthcare provider, such as a psychiatrist or psychologist, you or they may wish for me to have information about you, but this is highly unlikely to ever be without your prior knowledge and consent. From 25 May 2018 all organisations and businesses will be required to ensure their privacy policies are fully compliant with GDPR directives. Make sure you know your privacy rights with each party involved in your care.
You have a right to view any information that is shared about you, and a right to have any information rectified that is incorrect.
I will never knowingly receive information about you that you have not given permission to be shared.
In rare and exceptional situations a family member, partner or friend may contact me, but that could only happen if you decided to share my details with them. All actions from that point would need to have you at the centre, with your full consent and you guiding appropriate therapeutic decisions at every step of the way.
WHAT TYPE OF INFORMATION DO I COLLECT ABOUT YOU?
I will collect the following personal information from you if we decide to work together, because, as a registered healthcare practitioner, I would be reasonably expected to have this in case of an emergency:
Your name and contact details
Given the nature of coaching, some of the information you may share with me is likely to be classified as sensitive. I'm legally required to take strong measures to protect your confidentiality with any of the following sensitive information that would be important for me to know in order to help you:
Your mental and physical health
Use of alcohol, prescribed and non prescribed drug use
Any criminal offences or alleged offences
If you choose to share any information with me about your relationship or sexual history or orientation, your family, lifestyle, employment, religion or cultural background, this is also respected as 'sensitive'.
WHAT DO I USE THE INFORMATION FOR?
I may at times need to ask you about some of the above sensitive information with the specific purposes of ensuring that:
The service I provide to you is properly responsive to your specific circumstances and needs.
I make safe and effective clinical and therapeutic decisions
I respond to you in the most considerate way
We communicate openly with one another to make wise and appropriate decisions together in a teamwork approach
With regards personal and sensitive information, I don't need to have a written record of everything you share with me. I keep my note taking outside of sessions to a minimum, and encourage my clients to keep their own notes of useful ideas, insights and reflections. As they relate to you and your progress, it's much more relevant and helpful that notes are written by you and stay in your possession.
There are of course some things that I must, legally, have a written record of, if it is in direct relation to your safety or the safety others, such as emergency contact information, or information related to suicide risk, child protection, domestic abuse, or other violent crime, or should I ever need to account for my clinical decisions and/or respond to complaints.
TRANSPARENCY OF RECORD KEEPING
Records comprise of:
The emails, reports, forms or letters you have decided to send or ccd to me
Emails, reports, forms or letters I have sent or ccd to you to the email address of your choice
Any information you have forwarded to me from a healthcare provider or insurance company
Any information I have received from a healthcare provider I will always show you if you have not already been ccd
Any information I send to an insurance company or healthcare provider I will make sure you have a chance to read and rectify as appropriate before I send
And, if a legal or risk issue has been identified: risk assessment and risk management plan, and my clinical supervisor's recommendations, which I will also share with you, unless it would increase a safety risk to do so.
MEASURES I TAKE TO STORE YOUR DATA SECURELY
These are the measures I take to protect your data before it can be deleted or destroyed:
Storing paper information securely
I keep handwritten or printed information about you to an absolute minimum in order to protect your data.
I do not print or keep duplicate information wherever this can be prevented. For example, if you or your insurance company have sent me digital information via email, I do not then print it.
All handwritten or printed information that has any personally identifying information on it about my clients is kept in a securely locked filing cabinet.
Keeping electronic information securely stored
My devices are all password protected, with strong passwords that are all different from each other, and which I change at suitable intervals.
I do not share my devices or passwords with anyone else other than the l therapist who is the executor of my ‘Professional Will’ who has the password for my laptop. She would only use this in the unfortunate event of me being unable to work (death, serious illness etc.). At this point my executor would access my current client list and inform them of the situation.
I do not store any personally identifying information of my clients on a mobile phone, except for your number and names are coded.
If you get in touch with me via Skype the contact details you use are stored, but I do not store any therapy related information on these platforms.
I do not record phone or Skype, Facetime or Zoom sessions. If you wish to record a session to help you remember, you're welcome to do so, as long as you acknowledge this data is then your responsibility.
If I need to electronically send a report or invoice, I send this separate to your personally identifying information or I password protect the document.
I clear my downloads related to client information on all devices when I am not actively making use of those downloads.
I do not keep your personal or sensitive information stored on any external hard drive or memory stick. While our work is active, I keep electronic information in the following two places only:
On my password protected apple laptop - please https://www.apple.com/legal/privacy/en-ww/ for apple's GDPR policy relating to their products
My password protected Gmail account (email@example.com) please see Google's GDPR compliant security measures https://privacy.google.com/businesses/compliance/#?modal_active=none
Once our work has come to an end, all ???
WHO I MAY NEED TO SHARE YOUR INFORMATION WITH
I will never share your info with any third parties other than those to assist me in my own management of your data such as online systems and tools. IN all cases they will be securely held and only accessible by me.
CONTACT ME IF YOU HAVE ANY QUESTIONS
If you have any questions or concerns about how your data is processed or shared, please do not hesitate to contact me by emailing on firstname.lastname@example.org or call on +44 (0) 07870 239 535