Privacy Policy and Data Retention Statement
Effective from 25th May 2018 & Covid 19 Policy Updates
Please feel free to browse both Policies and get in touch if you would like to discuss either in more detail
General Data Protection Regulation
I aim to be fully compliant with current GDPR legislation and to let you know how I use and protect the data you’ve given me.
GDPR replaces the previous Data Protection Act. I wish to be transparent with regards to the processes I have in place. Identifiable information, if shared, will only be used in accordance with this privacy statement.
I follow guidance from my governing bodies: British Association of Counselling and Psychotherapy, and my insurers: Towergate.
As a private practitioner, I’m considered the data processor and controller in my practice. As the data controller, I process some of your personal data. During the assessment process, information such as next of kin, family members, and medication is gathered and held. This is anonymised, coded, and securely stored. No one but me can access this information.
Data processing means obtaining, recording, or holding information. The definition is very wide, and most of what I do involves a degree of processing. I process the personal data I have collected as controller.
I maintain records of personal data and processing activities and hold responsibility should there be a breach.
Consent
This is a primary concern and is separate from other terms and conditions.
As my client, you can withdraw consent at any time. I hope to offer you choice and control.
As a therapist who also uses creative interventions, I want to ensure you know that any drawings or art done in session are yours.
I will store this material safely and dispose of it in a timely manner. I will never use any of your data or artworks for writing, publishing, research, or training purposes without your permission.
If either of us need or want to record the session audibly or visually, this will be discussed and agreed upon with further written consent. These recordings will be deleted following supervision.
I have monthly ongoing supervision to support and ensure my practice is safe. When I share client material or images, this is always done confidentially, protecting your identity.
I name my own supervisors in my supervision agreement to be transparent to those I supervise. Nobody but me has access to any of your data.
I will keep this process under review and refresh it if anything changes.
Note Keeping
I make process notes. When I decide to do so, I shred and dispose of this confidential material as soon as possible, often after supervision.
I keep minimal content notes which I hold for seven years in paper form in a lockable filing cabinet. After this time frame, they are disposed of securely.
You have a right to see the information I hold about you should you wish to. You also have a right to change any information which you consider to be incorrect.
You can ask me to delete all or any of the information that I hold. There are, however, some details I need to keep due to legal and professional obligations.
Data Storage
I promise to keep all sensitive data safely.
This involves anonymising, using passwords, and encrypted documents. I keep all sensitive data in paper form.
In addition to this, I work with the database system provided by the BACP. This system is called Bacpac - it is a secure and encrypted site used to keep records of appointments and brief details of the therapy undertaken.
I dispose of any electronic data within six months of the end of our contract. I also dispose of emails on a six-monthly basis.
While we work together, I will store your name, email address, and phone number on my smartphone. I only contact you in response to you or concerning appointments. When we discontinue working, I will delete your number.
I do not engage with clients through any social media.
In The Event Of A Complaint
Please contact me directly. If we cannot resolve this, you could then contact the Information Commissioner Office (ICO).
I am registered with them, and my reference number is A8457211. You can find more information at https://ico.org.uk/concerns/handling/ or refer to their guidance for GDPR compliance.
Clinical Will
In the event of a sudden cessation of practice, such as through an accident or death, I have appointed a professional executor to manage things on my behalf.
This arrangement is made for your welfare as my client, and every step is taken to ensure GDPR standards are met.
Agreement
Having read, understood, and discussed the above, both parties are satisfied with regards to consent and the data and privacy policies.
We agree on why I have collected and kept specific data and what I do with it. You may withdraw consent at any time without detriment.
I will regularly review consent with you to check that the relationship, the processing, and the purposes have not changed.
Signed by Lisa Hall : Miss Lisa Hall
Download Full GDPR PolicyCOVID-19 Policy
I am committed to ensuring the safety and well-being of my clients, their families, and myself during all sessions. This policy outlines the steps taken to minimize the risk of COVID-19 transmission while continuing to provide effective and compassionate care.
1. Health Screening
Clients are kindly asked to reschedule appointments if they are experiencing any symptoms of COVID-19, including but not limited to fever, cough, or loss of taste/smell.
I will also monitor my own health and reschedule sessions if I experience symptoms.
2. Hygiene and Sanitization
Handwashing facilities and/or hand sanitizers are available before and after each session.
High-touch surfaces and equipment used during sessions will be thoroughly cleaned and disinfected between clients.
3. Face Coverings
Face coverings are optional and based on individual comfort levels unless otherwise advised by public health authorities.
Clients are welcome to wear face coverings if they prefer, and I will use a mask upon request.
4. Ventilation
Sessions will be held in well-ventilated spaces to ensure proper air circulation.
When appropriate and feasible, windows will be kept open or air purifiers will be used.
5. Remote Sessions
Telehealth options (e.g., video or phone consultations) are available for clients who prefer not to attend in-person sessions or are self-isolating.
6. Self-Isolation Guidance
Clients and I will follow UK government self-isolation guidelines if testing positive for COVID-19 or if in close contact with someone who has tested positive.
7. Adherence to Updated Guidance
This policy will be reviewed and updated regularly to comply with the latest public health advice and regulations from the UK Government and the Health and Care Professions Council (HCPC).