Respecting your right to privacy.
Therapy Client GDPR
What therapy client data is held about you?
I keep certain data so that I can work safely and professionally with you, in line with the guidelines of the professional organisations that I belong to, including ICP and IPAA.
The therapy client data GDPR I hold may include:
1. Your name and address
2. Your contact telephone number
3. An emergency contact’s name and telephone number
4. Your GP name and contact details
5. Relevant medical information
6. Any information you give to me as part of the therapy such as copies of creative writing, artwork, letters etc
7. Session notes
8. Payment information
9. Any email correspondence between us regarding appointment arrangements (I do not engage in email communication other than this and no therapeutic work is carried out by email)
10. Invoices & receipts
You also have the right to view it, and to ask for corrections to be made to it.
You do not have the right to erasure as:
the legal basis for data processing under contract law states records must be kept for 6 years
client notes are required to provide evidence in the event of a complaint.
All breaches must be reported to the Data Protection Commission within 72 hours, unless the data was anonymised or encrypted. Breaches that are likely to bring harm to the individual – such as identity theft or breach of confidentiality – must also be reported to the individual. If I discover there has been a data breach of your personal information that could put you at risk, I will undertake to tell you as soon as possible and also inform the data Commissioner.