Therapy NI Clinical Psychology Services
Privacy Policy
We are Chartered Clinical Psychologists registered with the British Psychological Society (BPS) and the Health and Care Professions Council. (HCPC). As such we are obliged to comply with the Codes of Practice set out by these organisations.
In order to provide you with clinical psychology services, we need to collect and process your personal information. We are obligated to process your personal data in compliance with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.
Within our practice we are the Data Controller of your personal information. This privacy notice describes the information we collect about you, how it is used and shared, and your rights regarding it. We will take all possible steps to protect personal information. We will ensure that we do not do anything that may infringe your rights or undermine your trust. In the case of Video Therapy only GDPR compliant platforms will be used such as Zoom or Skype. Any email correspondence relating to you will be sent using an encrypted email service.
Our Practice is registered with the Information Commissioner’s Office and our ICO registration number is ZB867973. You can check our registration on the ICO’s Data Protection Register here. If you need to contact us about your personal information and how we process it please contact us at chrissie@therapyni.co.uk or stephen@therapyni.co.uk
What Personal Data do I process about you?
To provide services to you we will need to process the following type of personal information:
Basic contact details, including your address and telephone number,
Next of kin information
Financial information or details relating to your Health insurance where this is relevant
Details relating to your background, education and employment
GP details
If you complete an online enquiry form, we will also have internet protocol (IP) address and email address
We will also need to process sensitive data relating to your health information such as that held in therapist notes, reports and referral letters. Where relevant this may also include information from Social Services. On occasion, if shared with us we may also hold personal data relating to criminal convictions and offences.
Where do we obtain your personal data from?
The vast majority of the information that I hold about you is provided by you to us in the course of your therapy. We will also obtain information from other sources when appropriate, such as
Medical Notes & Records
Referral Letters
Health Professionals and Therapists
Information from employers, social services, educational establishments
Information in legal documents
Health insurance providers
We use your personal information for the following purposes:
To provide psychological assessment and therapeutic services;
To manage and administer my practice;
To comply with all regulatory and professional obligations
Communicate with you about my services
To communicate with other relevant third parties when appropriate, such as your GP.
Our lawful basis for processing your information
In order that we can provide clinical psychology services we must process your personal data. The General Data Protection Regulation (the GDPR) requires that where we process personal data we must have a lawful basis for doing so. The lawful bases identified in the GDPR that we seek to rely upon are as follows:
Your specific consent to process your data for the provision of therapeutic services. You will also have the right to withdraw your consent at any time.
To comply with our contractual obligations
Compliance with a legal obligation – to comply with various regulatory and professional obligations.
To ensure your vital interests for safeguarding and risk management.
To achieve the legitimate interests of our practice and your interests as a client of our practice. These legitimate interests include but are not limited to the purposes set out above.
Processing Special Category and Criminal Offence Data:
The GDPR specifies that where we process special category data, such as medical information or information relating to criminal offences, we must rely upon certain exemptions in order to do so lawfully. The following exemptions are applicable in my practice
We have your explicit consent to do so;
It is necessary for the provision of therapeutic services
Who we might share personal information with
We hold information about each of our clients and the therapy they receive in confidence. This means that we will not normally share your personal information with anyone else. However, there are exceptions to this when there may be need for liaison with other parties:
If you are referred by your health insurance provider, or otherwise claiming through a health insurance policy to fund therapy, then we will share appointment schedules with that organisation for the purposes of billing. We may also share information with that organisation to provide treatment updates.
In cases where treatment has been instructed by a solicitor, relevant clinical information from therapy records will be shared with legal services as required and with your written consent.
For the purposes of accounting, we need to share bank statements with our accountant. If you pay for your services with us through bank transfer, it is possible your name will appear on our bank statements depending on how you have set up the bank transfer details. All information and data handled for accounting purposes adheres to GDPR guidelines and is strictly confidential.
In exceptional circumstances, we might need to share personal information with relevant authorities:
When there is need-to-know information for another Health and Social Care provider, such as your GP or Social Services
When disclosure is in the public interest, to prevent a miscarriage of justice or where there is a legal duty, for example a Court Order.
When the information concerns risk of harm to the client, or risk of harm to another adult or a child. We will discuss such a proposed disclosure with you unless we believe that to do so could increase the level of risk to you or to someone else.
How long will we retain your information?
Data is retained at the end of service provision in line with Department of Health and BPS guidance. The retention period is 7 years post treatment for adults and until age 18 plus 7 years for children and young people. Your data will be stored electronically on an encrypted and password protected system.
Once this retention period has expired, we will delete your information unless:
There is an unresolved issue, such as a claim or dispute;
We are legally required to; or
There are overriding legitimate business interests to do so.
Where your data is no longer required, all hard copy and electronic data will be deleted in accordance with our Data Protection Policy.
Email enquiries will be deleted after one month if you are not proceeding with my assessment or therapeutic services.
Your rights
The GDPR gives you specific rights in terms of your personal data. These are as follows:
You have the right of access to the information we hold and what we use it for; you can ask for a copy of the personal information we hold about you;
You can ask us to correct any inaccuracies with the personal data we hold
You can ask us to stop sending you direct mail, or emails, or in some circumstances ask me to stop processing your details.
Finally, if we do something irregular or improper with your personal data you can complain to the ICO if you are unhappy with how we have processed your information or dealt with your query. You may also seek compensation for any distress you are caused or loss you have incurred.
Accessing and correcting your information
You may request access to, correction of, or a copy of your information by contacting us at chrissie@therapyni.co.uk or stephen@therapyni.co.uk
You can find out more information from the ICO’s website: Home | ICO