JV Psychology Services Ltd. is registered with the Information Commissioner’s Office (ICO). This statement refers to how your data will be used and protected, including how GDPR compliance is ensured.
- Personal information will be collected about you if you choose to contact the service. Your personal data is processed so, as a Clinical Psychology Service, appropriate assessment and/or intervention can be carried out effectively. Data collected may include:
- Personal or sensitive data (e.g., name, address, gender, telephone numbers, email address, next of kin details and GP details).
- Communication data in text messages, emails and/or voicemails.
- Information about your current difficulties (i.e., presenting problem and goals)
- History about your background (e.g., medical history, education, occupation).
- To ensure you receive a safe and evidenced service, the above data along with a log of contacts you have with the therapist (e.g., appointments, letters / reports) will be recorded. Personal data is also collected in relation to legitimate interests in running the service (e.g., invoice / receipts).
- Your personal data will be kept up-to-date and you have the right to update and correct personal information. You have the right to request all personal information that we hold that relates to you.
- Psychological therapy will be provided within a safe and secure environment, and your confidentiality will be respected at all times. There are a number of exceptions to this, however, whereby the therapist will have a duty of care to ensure the safety of yourself and/or the public to breach this confidentiality agreement. These exceptions include if the therapist believes you are at risk of harming yourself and/or others. It also includes disclosure if a significant crime has been committed by you or others. In these exceptions, only relevant information will be disclosed to relevant professionals (e.g., GP).
- If sessions are being provided by a Private Medical Insurer (PMI), they often request summary updates of the work completed. Only relevant information to their request will be provided following this first being agreed with you.
- Your information is kept confidential. All personal information is stored in compliance with General Data Protection Regulations (GDPR) rules. All identifiable information will be minimised where possible so that individual clients cannot be easily identified. Any handwritten notes will be stored in locked filing systems. Any data on portable and/or electronic devices is password protected and stored securely. Emails will be sent and received via ProtonMail, which is an end-to-end encrypted email service.
- Data is not kept for longer than is necessary. Confidential paper records will be destroyed via confidential shredding when data is deemed no longer appropriate, which is recommended as a period of 7 years following completion of psychological assessment or intervention. Electronic data will be permanently deleted by the same standard as paper records. You have the right to ask for your data to be deleted / destroyed. Where personal data is shared as part of a service enquiry, and the client does not commence therapy, this will be deleted as soon as possible.
- As part of professional conduct and compliance with the Health Care Professions Council (HCPC), the therapist is required to undertake supervision of clinical activity. All individuals involved adhere to a strict professional code of conduct. Information discussed and recorded as part of this process will remain anonymous.
- If you have any concerns or complaints about the way your personal information is used, you have a right to complain directly to the therapist. If you do not receive a response within 30 days or you are not satisfied with the response, you have the right to complain to the Information Commissioner’s Office (ICO).