Privacy and Confidentiality
I respect your right to privacy, and the laws relating to data protection, namely General Data Protection Regulation (GDPR).
This is my Privacy and Confidentiality statement and commitment to clients.
It is a working document which I endeavour to update regularly and in accordance with legal amendments. Additionally, I will discuss confidentiality and privacy with you when contracting in your initial appointments.
The UK data protection regime is set out in the Data Protection Act 2018 and the General Data Protection Regulation. Data protection is about respecting the fair and proper use of information about people.
The Information Commissioner’s Office “ICO” is the UK’s independent body upholding information rights in the public interest. I am registered with the ICO as part of my responsibility for protection of your data.
I aim to be clear and transparent about use of your data, and as your counsellor will enter into a contract with you, confirming your consent to the processing of your personal data for the purposes of providing you with counselling services. I feel strongly about client safety and wellbeing, so have drafted a set of policies which set out the minimum standards you can expect when working with me. I aim to adhere to all legal obligations and professional commitments and am guided by the British Association of Counselling and Psychotherapy (BACP).
At any point you may ask me for clarification at: kristin@kristinramseytherapy.com
CONFIDENTIALITY AND DATA STORAGE
Our counselling work together is confidential. At our initial appointment, I will explain how your data will be held (also see Record and Note-taking section below):
I hold your personal data: usually your name, contact details, and your signed contract, in a locked storage in my home, to which only I have access.
In a separate locked storage, again to which only I have access, are brief notes I may make on our sessions. I do not use your name or information such as work place or family member names in these notes, and I make every effort for you not to be identifiable.
I will hold your phone number and email on my phone purely for arranging counselling sessions. It is password protected and only I have access to it.
I will invite you to consent to me using your data in this way at our initial appointments.
I will not sell your information, and it will only be shared upon your request, or with your consent or where required to do so in exceptional circumstances.
WEBSITE CONTACT EMAIL FORM
The business Webhealer operates and maintains my website and hosts my email. Content of your email is neither available to Webhealer staff nor stored on its systems.
ONLINE COUNSELLING SESSIONS
I make every effort to ensure I am working from a secure platform, usually Zoom, and I suggest that you similarly take all appropriate steps to ensure the security of your own online presence.
SOCIAL MEDIA
To protect your privacy, I do not to extend client-counsellor relationships to social media.
HELP PROTECT YOUR OWN PRIVACY
I suggest that no sensitive personal information be shared other than during counselling sessions and that contact between sessions, by phone call, text or email is limited to arranging sessions. Whilst I make every effort to protect confidentiality, all data that is transmitted electronically is done at your own risk.
EXCEPTIONAL CIRCUMSTANCES AND BREAKS OF CONFIDENTIALITY
You may instruct me in writing to disclose such information as you specify to a third party.
In exceptional cases, specifically a revelation by a client of intention to cause serious harm to themselves or others; involvement with terrorism; involvement with money laundering; I may have a professional, ethical, or legal duty to break confidentiality and inform relevant services.
In case of risk of harming yourself, I may request the name and address of your General Practitioner with the purpose of providing you further support.
I will endeavour to discuss any break of confidentiality with you first.
GENERAL DATA PROTECTION REGULATION (GDPR)
The GDPR requires me to state the lawful basis for holding and processing your personal data (e.g. your name and email address) and sensitive personal data (known as special category data - e.g. information about your health or religion). Unless stated otherwise, the legal basis for processing your personal data is ‘legitimate interests’, and for your special category data is ‘necessary for the provision of healthcare’.
KEEPING UP TO DATE
I am required to keep your data up to date, and it is your responsibility to inform me of any relevant updates such as change of contact details.
RECORDS AND NOTE-KEEPING
I will define how any information or material beyond contact information is confidentially and securely stored.
I keep ‘Session Notes’, recording time and place of meeting and perhaps brief details of the session and will make every effort that individuals are not identifiable.
I may use creative/art interventions. All work created by you in sessions is yours. Usually this will be given to you to take away at the end of the session. If you do not wish to hold it, we can discuss its storage or disposal. I will handle all items with the same confidentiality and security as other personal data.
ACCESS TO RECORDS
You can request in writing to see the Session Notes at any point during the counselling.
STORAGE AND DELETION OF YOUR DATA
At any point you can request that I delete your personal data with the exception of that which my professional insurers or the BACP may require me to retain for a specific period of time, or providing there is no other reason preventing me from doing so.
At the end of your counselling, your data will be held securely for up to 7 years depending on circumstance, after which it will be permanently and securely destroyed.
COUNSELLOR INCAPACITATION
In the event I become ill or otherwise unable to contact you, I have appointed a professional therapist, who at the relevant time will be able to access your name and contact details to help discuss your ongoing counselling requirements, and if depending on my situation, potentially securely dispose of all your data. I will obtain your consent to use your data in this way in my initial contract with you.
To request further information, please contact me:
Kristin@kristinramseytherapy.com
