My privacy notice, in line with the General Data Protection Regulation (GDPR) 2018, explains the information I hold on clients, why I hold this information and the way it is securely maintained and disposed. I will ask for the client's consent for me to hold this information once therapeutic work begins.
I ask for client consent to hold on file name, age at the start of therapy, email address, and mobile number, for the purpose of providing a professional service in accordance with the ethics and code of conduct set out by the professional bodies for which I am a member: British Psychoanalytic Council (BPC) and British Association for Counselling and Psychotherapy (BACP).
I will not share this information unless in exceptional circumstances where there is risk of harm to the client or others, or where I am required to do so by law. In such circumstances every effort will be made to talk to the client about this first.
Records for legal purposes
I hold basic attendance records, using client initials only, and signed copies of the Privacy Notice and Therapy Agreement, for a limited period of five years after therapy ends, after which they are disposed of securely. Client contact details are shredded within four weeks of work ending.
I do not hold clinical notes on individual therapy sessions.
I entrust two registered professional colleagues, known as my ‘professional executors,’ with the knowledge of how to access client contact details so that in the unlikely event of my death or incapacitation clients will be informed and, if appropriate, offered information about further professional help. For this purpose, basic contact details are held in a secure, password-protected online document until therapy ends. I also hold client mobile numbers and email addresses on my mobile phone, should clients need to contact me urgently regarding a therapy session.