In accordance with new government guidelines on data storage, the General Data Protection Regulation (GDPR), I require consent to hold and process client information.
I collect, store and process information about clients to enable me to run my psychotherapy practice and to provide an ethical service. This information can include their contact details as well other personal information. I am able to collect this information upon the legal basis of "Legitimate Interests" for the purposes of healthcare, as per GDPR regulations.
Client personal information is stored anonymously, under lock and key and/or password protected. I will keep this information for up to 7 years from the last session with a client, as per my insurer’s Terms and Conditions, at which point it will be destroyed or deleted.
I may use this information to track the progress of our work together or in discussion with my supervisor for reflection and guidance. Client contact information may also be passed on to my appointed Therapeutic Executor so that clients can be informed should anything happen to me that prevents me from attending sessions and from communicating with clients directly, such as illness or death.
I am registered as a Data Controller with the Information Commissioners Office (ICO). Further information about the ICO, the GDPR and your rights as a client with regards to information held about you can be found at the ICO website.