GDPR - in summary
I aim to be fully compliant with current GPDR legislation. Identifiable information, if shared, will only be used in accordance with my privacy statement. I follow guidance from my governing bodies UKCP and my insurers Towergate.
As a private practitioner I will process some of your personal data. During the assessment process information such as next of kin, family members and medication are gathered and held. This is anonymised, coded and securely stored. No one but me can access this information.
Data Processing means obtaining, recording or holding information. The definition is very wide, and most of what I do involves a degree of processing. I process the personal data I have collected as controller. I maintain records of personal data and processing activities and hold responsibility should there be a breach.
Your Consent - you will be given a consent form to sign, if you wish to give consent, in Session 1 of our working together. This form will give further details on how your data will be kept. Nobody but me has access to any of your data. I will keep this process under review and refresh it if anything changes.
Data Storage - I promise to keep all sensitive data safely. This involves my anonymising, using passwords or initials only and encrypted documents. I keep all sensitive data in a locked filing cabinet.
Clinical will - In the event of a sudden cessation of practice eg through an accident or death, I have appointed a professional executor who manage things on my behalf. This is arranged for your welfare as my client and every step is taken to ensure GDPR standards are met.
Please see attached image for my full statement or contact me to be emailed the full statement.