Data Protection Policy
Any personal data that you provide to me through any means (verbal, written, in electronic form, or by your use of my website) will be held and processed in accordance with the data protection principles set out in the Data Protection Act 1998 and the General Data Protection Regulation, for the purposes for which you have given consent, to provide the professional services you have requested from me, and to meet the legitimate interests of my work.
This policy only applies to data collected by me, and via my own forms and website. Third party agents, and websites which are linked to this, are not covered by this policy. If you have any queries concerning your personal information or any questions about my use of the information, please contact me.
When you request psychotherapy with me, or otherwise provide your personal details to me as part of my work as a psychotherapist, you will be asked to consent to my processing of your data under the terms of this statement.
What information do I collect?
Psychotherapy requests
Contacting me to request access to psychotherapy services can be done online, on paper or by phone. This involves providing your name, a means of contact, and your availability. This may also include information about your therapeutic needs and history.
Initial discussions
At any initial discussion, I will ask about your current personal, social, professional, financial and medical circumstances. I may also ask about your background and family history as well as the issues which are affecting you now. I require this information so that I can determine the suitability of psychotherapy with me, for you.
Psychotherapy
If we agree to work together, I will ask you to complete a written contract, which I will discuss with you. This normally includes giving your name, date of birth, address, telephone numbers, email address, postal address, GP details, medication details, medical/psychiatric history, and next of kin. I may also keep records of ongoing work, appointments, attendance and payments. If you make online payments to me then I will have a record of your bank details.
What do I use your information for?
To provide clients with a professional psychotherapy service.
To offer appointments.
To notify you about changes to your appointments or other changes to services.
To seek feedback from you on your experience of working with me.
To administer psychotherapy services, including arranging sessions and financial control.
What information do I share?
I will not share any information about you with other organisations or people, except in the following situations:
Consent: I may share your information with others whom you have requested or agreed I can contact.
Serious harm: I may share your information with the relevant authorities if I have reason to believe that this may prevent serious harm being caused to you or another person.
Compliance with law: I may share your information where I am required to by law or by the regulations and other rules to which I am subject.
Clinical supervision: it is a professional requirement for psychotherapists to review their work with a supervisor, who is also bound by confidentiality.
In the event of my serious incapacity or death, my appointed professional executor will access your details to contact you to advise you of events, and consider options for future supports if you require them. These executors are psychotherapists and are bound by professional confidentiality.
As part of the backups of encrypted data processed and held by professional IT security companies.
How do I keep your information safe?
All information you provide to me is stored as securely as possible. All paper forms and correspondence are kept in locked filing cabinets on my premises. All electronic records are stored on my computer, access to which requires password-protected authentication, or by reputable service providers using secure encrypted Internet ‘cloud’ technology. I may also hold your data on my secure smartphone.
Unfortunately, the transmission of information via the Internet is never completely secure. Although I will do my best to protect your information using industry-standard applications, protocols and encryption, I cannot guarantee the security of data transmitted to me via email, including forms completed on my website which are transmitted by email; any transmission is at your own risk. Once I have received your information, I will use strict procedures and security features to try to prevent unauthorised access.
Your identifiable personal information is kept separately from any session notes and other descriptive material. Client notes and other documentation are destroyed six years after the end of psychotherapy.
Your rights
You have the right to ask me to provide a copy of the information held by me in my records. You also have the right to require me to correct any inaccuracies in your information. If you would like to do this, please contact me. Any inaccuracies will be amended promptly.
You may wish to request changes to how certain aspects of your information are stored – please contact me. You may withdraw your consent for me to hold and process your data at any time. However, if you do this while engaging in psychotherapy with me your work with me would have to end. You can withdraw your consent by contacting me.
Changes to this policy
I may edit this policy from time to time. If I make any substantial changes I will notify you in writing.
Lindsey Tull
March 2019