You may be aware of new laws relating to General Data Protection Regulation (GDPR) that are in effect from 25 May 2018. The purpose of GDPR is to provide a set of standardised data protection laws across all EU member countries. This document sets out how LINKAT Psychology LLP, comply with these laws.
LINKAT Psychology, LLP offer private psychological services. This means that we have access to data provided by individuals who contact our company to enquire about, and in some cases, go on to receive psychological services. In reality, this encompasses personal information needed to offer services including personal details, bank details and emails between clients and the company. Notes taken during and in preparation for sessions are held by your specific therapist and therefore, not accessible to other individuals in the LLP.
Personal data LINKAT Psychology process
We may process the following personal data from therapy clients:
- Personal data: basic contact information: name, address, email, contact number, bank details, video conference ID (if online therapy), and GP contact details.
- Sensitive personal data: Therapy records (therapist notes, letters, reports and/or outcome measures).
The lawful basis for processing personal data
Our professional registration requires us to keep information about our clients and the work that we do.
We cannot offer you services unless you allow us to keep data about you and our work together. We will only use your personal information to provide the services you have requested from LINKAT Psychology LLP.
We have what is known as a legitimate interest for keeping data. Our company is registered with the Information Commissioners Office (ICO) to do so. We follow the rules set down by our professional regulator (the Health and Care Professions Council; HCPC), and the British Psychological Society (BPS).
How long LINKAT Psychology stores your personal information
We will only store your personal information for as long as it is required. Basic contact information that may be held on mobile phones for the purpose of therapy is deleted within 6 months of the end of therapy.
The sensitive personal data defined above is stored for a period of 7 years after the end of therapy. After this time, this data is deleted at the end of each calendar year.
Who LINKAT Psychology might share personal information with
We hold information about each of our clients and the therapy they receive in confidence. This means that we will not normally share your personal information with anyone else. However, there are exceptions to this when there may be need for liaison with other parties:
- If you are referred by your health insurance provider, or otherwise claiming through a health insurance policy to fund therapy, then we will share appointment schedules with that organisation for billing. We may also share information with that organisation to provide treatment updates.
- In cases where treatment has been instructed by a solicitor, relevant clinical information from therapy records will be shared with legal services as required and with your written consent.
In exceptional circumstances, we might need to share personal information with relevant authorities:
- When there is need-to-know information for another health provider, such as your GP.
- When disclosure is in the public interest, to prevent a miscarriage of justice or where there is a legal duty, for example a Court Order.
- When the information concerns risk of harm to the client, or risk of harm to another adult or a child. We will discuss such a proposed disclosure with you unless we believe that to do so could increase the level of risk to you or to someone else.
What LINKAT Psychology will NOT do with your personal information
We will never share your personal information with third-parties for marketing purposes.
How LINKAT Psychology ensures the security of personal information
Personal information is minimised in phone and email communication. Email applications use private (SSL) settings, which encrypts email traffic so that it cannot be read at any point between our computing devices and my mail server. We will never use open or unsecure Wi-Fi networks to send any personal data.
Personal information is also stored on our private work computer hard drives which are password protected. Individual electronic files and documents that contain personal information are always password protected. Malware and antivirus protection are installed on all computing devices. Mobile devices are protected with a passcode/fingerprint scanner, mobile security and antivirus software.
Your right to access the personal information LINKAT Psychology hold about you
- You have a right to access the information we hold about you.
- We will usually share this with you within 30 days of receiving a request.
- There may be an admin fee for supplying the information to you.
- We may request further evidence from you to check your identity.
- A copy of your personal information will usually be sent to you in a permanent form (that is, a printed copy).
- You have a right to get your personal information corrected if it is inaccurate.
- You can complain to a regulator. If you think that we haven’t complied with data protection laws, you have a right to lodge a complaint with the Information Commissioner’s Office.
Therapy records are retained for a period of 7 years in accordance with the guidelines and requirements for record keeping by The British Psychological Society (BPS; 2000)1and The Health and Care Professions Council (HCPC; 2017)2. Therefore, we reserve the right to refuse a request to delete a client’s personal information from their therapy records, where to do so would be in contradiction of the above guidelines.
These terms and conditions will be emailed to you prior to the start of therapy. Please do not hesitate to ask any questions you may have about how we hold your data.