This privacy statement outlines how your personal data will be collected, handled and stored by Forward Move Psychology Service. Personal Information that you have provided, or have been asked to provide will only be used in the ways described below.
What is personal data?
· Personal Data describes any type of information that can identify an individual. This includes information such as your name and contact details.
· Sensitive Data is a specific type of personal data. This includes information about your health and ethnicity.
Why do you collect and process personal information?
Collecting and processing personal information is essential to provide you with the service you have requested and to provide you with an effective therapeutic service that adheres to the requirements of the Health Care Professions Council (HCPC) and British Psychological Society (BPS).
Information that is collected is limited to what is necessary for the purposes of engaging in psychological work together. This data enables your psychologist to:
· Contact you to arrange appointments, training or supervision dates
· Conduct an in-depth Psychological Assessment
· Implementation of an effective Treatment Plan
· Map the progress towards the achievement of our therapy goal(s)
· Risk Management (please see terms and conditions for more information)
Information will be collected upon the completion of the ‘registration form’ and will continue to be processed (if appropriate and necessary) throughout your engagement with the service. A record of any correspondence through emails and/or telephone contact prior to and during therapy sessions will be documented and processed. The way personal information is collated and processed is regularly reviewed and all relevant documentation is updated.
How will my information be processed?
Information can be held in several formats:
· Cliniko- After the completion of a registration form, a client record will be created on Cliniko. This is an electronic practice management software programme that is password protected and GDPR compliant.
· Questionnaires, written notes and letters- These help you and your psychologist keep track of your progress and allow for continuity in the treatment model that has been chosen. Any paper notes are kept in a locked filing cabinet. Following your last contact with the service, your individual session notes, letters and questionnaires are stored electronically on your client record and paper copies are shredded.
· Emails- Emails are uploaded onto client’s electronic clinical record and original emails are destroyed.
· Work Computer- All work computers are password protected. All passwords are changed regularly and are not shared.
What is the length of time you will store my information for?
· For an adult, information is held throughout your engagement in the service and for a further seven years after your last contact with the service.
· For a child and young person, information is held throughout your engagement in the service and up until their 25th birthday. If a young person is aged 17 years old at the point of their last contact with the service, information will be held until their 26th birthday. Information is held eight years following a death.
· Client Records are reviewed annually and data is deleted once the time frame outlined above has lapsed.
Is my information shared with external authorities or third parties?
In exceptional circumstances, it may be required for your information to be shared with an external authority. This will be discussed with you prior to information being shared with a third party organisation unless your psychologist believes it has the potential to increase the level of risk of harm towards yourself and/or someone else.
Information may be shared with a third party organisation:
· If a disclosure has been made that is in the public interest, to prevent a miscarriage of justice, legal duty (e.g. relating to a Court Order) or it is directly related to professional ethics and law.
· If a disclosure has been made that details information relating to risk such as concerns of potential harm towards a client, towards a child or another adult.
· In order to meet your individual needs, information may be shared with your GP or other healthcare provider, with your consent, and after it has been agreed in advance. This could include sending them a discharge summary or an update on the progress towards your therapy goal in order to meet your individual needs.
How do you keep information about me up to date?
It is really important to ensure the information you provide us is accurate. In our initial assessment appointment, we may ask you about the information you provided on your registration form to ensure your client file is correct and up to date. Personal information is subject to change depending on our circumstances (e.g. if we move, change GP, change our telephone number etc). In these instances, we ask you to notify us as your earliest opportunity so that we can keep our records accurate and up to date record.
How can I access the information you hold?
You are entitled to make a Subject Access Request (request to access information that is held about you). Requests will need to be made in writing (either email or post) and sent to Dr Carly Jeffery, Data Protection Officer at DrJeffery@forwardmovepsychology.co.uk. Prior to any information being shared, identify verification is required. Once a request has been received, Forward Move Psychology Service aim to provide you with the relevant data within 30 days.
Can I request for information about me to be removed?
If you wish for information about you to be erased or removed, you can make a request via email to Dr Carly Jeffery, Data Protection Officer at: DrJeffery@forwardmovepsychology.co.uk. Once a request has been received, you will be kept up to date on the erasing and removing of your data. Whilst your psychologist will endeavour to act upon your request, it may not be possible for information to be erased. For example it may not be possible to remove data if it does not meet professional data retention regulations and if the data needs to be kept (e.g. on-going legal matter).
What if there is a data protection breech?
The security of personal information is very important at Forward Move Psychology Service and the service will endeavour to hold your information as securely as possible. Our data protection methods and privacy statement are reviewed annually in accordance with the Data Protection Act (1998) and the General Data Protection Regulation (2018).
In the unlikely event that a data protection breach has occurred, you will be notified immediately and you will be alerted to any potential risks. The Information Commissioners Office (ICO) will be notified and relevant procedures adhered to.
Who should I contact if I have concerns about the management of my data?
If you have any questions, queries or concerns about how your data is managed by Forward Move Psychology Service, please contact Dr Carly Jeffery, Data Protection Officer in the first instance. If in the unlikely event your concerns were not resolved, you have the right to make a formal complaint to the Information Commissioners Office (ICO).
Date Reviewed: March 2020