PRIVACY POLICY
Introduction to Turning Tide Therapy
New laws relating to General Data Protection Regulation (GDPR) that are in effect from 25th May 2018. The purpose of GDPR is to provide a set of standardised data protection laws across all EU member countries. This document sets out how the Directors of Turning Tide Therapy comply with these laws.
Data controllers
Both Miss Abbie White and Miss Eleanor Taylor are data our current data controllers who will be processing the referrals to Turning Tide Therapy. All employed therapists with Turning Tide Therapy will be able to access more detailed data due to the confidential nature of clinical work with the specific client.
What personal data do we hold?
Turning Tide Therapy collects and processes the following person data from therapy clients:
· Personal data: Basic contact information; name, address, email, contact number and GP details
· Sensitive personal data: signed consent forms to a therapy agreement, therapy records (likely include; therapist notes, letters, reports, outcome measures and supervision notes)
· Medical information (current medication if prescribed by the GP, previous medical / mental health support)
If you are referred by your health insurance provider, we will also collect and process personal data provided by that organisation. This is includes basic contact information, referral information and health insurance policy number and authorisation for psychological treatment.
The lawful basis for holding personal data:
Turning Tide Therapy has a legitimate interest in using personal data and sensitive personal data we collect to provide mental health treatment. It is necessary for us to collect this data to be able to provide psychological therapy to clients and to identify clients should an issue or risk arise and the GP needs contacting. `We may also ask for information on how you found our service for the purpose of our own marketing research. We will never sell your information to others.
What we do with your personal information:
Your privacy matters to us. We will only use your personal information to provide the services you have requested from us. If you do not/are unable to provide information requested, then Turning Tide Therapy may be unable to provide therapy to you as we have to collect identifiable information in case there is a concern regarding risk to self and others and we need to contact a 3rd party concerning risk.
How long we store personal information:
Your clinical notes will be stored in Office 365. We will only store your personal information for as long as it is required by standard for our service. The sensitive personal data defined above is stored for 7 years, after the end of therapy. After this time, this data will be deleted.
What we will NOT do with your personal information:
We will not share your personal information with third parties for marketing purposes.
How we ensure the security of personal information:
We use password protected WI-Fi and information stored on the computer and work phone is password protected. Any information stored on third party servers e.g OneDrive and is protected with two factor authentications.
Personal information is also stored on a computer and on a secure server. These are password protected. Malware and antivirus protection are installed on all computing devices. Mobile devices are protected with a passcode and all Therapist in Turning Tide Therapy are under contract to follow the same security procedures.
We will uphold your privacy rights which are:
· Your right to access the personal information we hold about you.
· We will usually share this with you within 30 days of receiving your request.
· There may be an admin fee for supplying the information to you.
· We may request further evidence from you to check your identity.
· A copy of your personal information will be handed to you in a permanent form
· You have a right to get your personal information corrected if it is inaccurate.
You can complain to a regulator if you think we haven’t complied with data protection laws, you have a right to lodge a complaint with the Information Commissioner’s Office.
Deleting Information
Turning Tide Therapy reserves the right to refuse a request to delete a client’s personal information where this is clinical records. Clinical records are retained for a period of 7 years. In accordance with the guidelines of BPS and BABCP.