GDPR (General Data Protection Regulation) is the most significant piece of privacy and data protection in twenty years. It took effect on 25th May 2018 and from that date, I am required to ensure that I gain new data protection and privacy consent from all clients. In it (amongst other things) I confirm what information I hold about you and how I am permitted to use it. If you choose to book sessions with me, you will receive a digital copy of this information and be required to provide consent.
As part of the service I provide as a Counsellor I am required to hold the following personal information:
What: Personal Contact details (Name, telephone number, email address, home address, and date of birth) and details of an emergency contact.
Why : For the purpose of arranging sessions and in the case of emergencies
Shared with : GP or emergency services only in the case of a serious emergency. My supervisor (a requirement of the profession) will hold your first name and contact number in case I am ever incapacitated or otherwise unable to attend our sessions; this is the only time that they will contact you.
What: Anonymised, brief session notes.
Why: As an aide-memoire to the work and a record of attendance
Shared with: Absolutely no one without your prior consent, or a court order (which is very rare) demands their release.
Duration: Details will be kept for a maximum of seven years following the end of our work together, in anticipation of you needing to return, the notes being required by a court of law in future proceedings or to support the ethics board should a complaint be filed. After this time they will be securely disposed of.
What: Details of certain medical conditions (eg. asthma, epilepsy)
Why: As I offer an outdoor counselling service, it is important that I have access to any medical conditions that may need to be communicated to emergency services should an accident or other medical emergencies occur.
Shared with: Emergency services where failing to share the information puts your physical health and/or wellbeing at risk
Duration: Details will be kept for a maximum of seven years following the end of our work together, in anticipation of you needing to return, after which time they will be securely disposed of.
All information held is digital and fully encrypted (256-bit encryption), both in storage and in transit. All software used is GDPR compliant.
You can read about your rights by visiting https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/