General Data Protection Regulation
DATA PROTECTION POLICY OF JEAN TWOMEY
From May 25th 2018, Psychotherapists and Counsellors are governed by legislation which we have to adhere to by law. The General Data Protection Regulations. This is an EU law designed to protect the privacy of EU citizens and as obliged I will inform all Clients of the details of how it operates in relation to Counseling and Psychotherapy and client records.
Client privacy is important and I am committed to respecting the privacy of all clients. I will apply appropriate protection and management of any Data relating to them.
Only the minimum amount of information will be recorded on any individual. This is to help me to manage client cases. The information will be kept confidential and with the highest standards of security. The information will only be used in accordance with The Data Protection Regulations, and as applicable to the Counseling and Psychotherapy profession.
Any personal Data will only be used for the following purposes:
Delivering Counseling/ Psychotherapy
Booking or changing appointments
In Psychotherapy Supervision where elements of cases are discussed while ensuring anonymity for the person concerned
Data Control: All matters relating to the client’s file will only be discussed with the client.
Data Storage: All files are stored in a secure manner. No files are stored online or on any facility such as Cloud.
Who has access to the records and why: I am the only person with access to the client’s files. A client’s file may be required under law to be surrendered to a legal authority. The Individual will be informed of such a request unless I am forbidden by law from doing so.
How long is Data retained: At present all records must be retained for seven years after the last appointment. In the case of a minor the file will be kept until seven years after their eighteenth birthday.
Your Rights: A client can demand to see their file at any time. Under the legislation, I have forty days to comply with such a request however I will comply as soon as is possible from the time of the request. If a client feels that some information is not needed or is incorrect they can request that it be corrected or removed from the file.
Computer Storage: Only client invoices are stored on my computer.
A client can request that their file be destroyed or deleted. Requests for destruction of files must be in writing and sent by registered post. The client will be provided with a formal statement stating that their file has been destroyed and or deleted. This will be sent to them by registered post.
There are exceptions to this and should one arise with a client they will be involved in every step of any procedure relating to their file.
Exceptions: If access to the file information could cause serious mental or physical harm to the client. In this case the client’s doctor would be consulted.
If the information in the file is requested by a legal authority through a search warrant or court order.
In the case of a public health matter.
In the case of a child protection matter.
Electronic Communication: I am mindful to delete emails and texts etc after an appropriate period of time.
Communication with third parties: I do not share any information with any third parties. An exception would be to speak with the client’s doctor or another person in the client’s interest and only with the client’s permission.
If a client wants to transfer to another practitioner, I can give them their file to take with them if they request it. This request must be in writing.
Appointments Diary: My appointments diary is always kept in a secure location.
THIS POLICY MAY BE UPDATED IN THE LIGHT OF UNFORESEEN CIRCUMSTANCES OR TO EFFECT A CHANGE IN GOVERNMENT/EU REGULATIONS. ALL CURRENT CLIENTS AT THE TIME WILL BE INFORMED OF ANY ALTERATION TO THIS POLICY
Any questions in relation to any aspect of this policy are welcome.
____________________ Date: ______________