Who am I
My website address is: http://www.telfordpsychology.com
The registered address for Telford Psychology is: 9 High Street, Madeley, Telford, Shropshire, TF7 5AQ
(“Telford Psychology” / “we” / “our” / “us“. “Samantha”/ “I”/“me”/“my”). I am committed to ensuring that your privacy is protected. I comply with the General Data Protection Regulation ((EU) 2016/679) (“GDPR”) unless and until the GDPR is no longer directly applicable in the UK, together with any national implementing laws, regulations and secondary legislation as amended or updated from time to time in the UK, and any successor legislation to the GDPR and the DPA (together “Data Protection Legislation”). I am the data controller of data you pass to me pursuant to this policy. The Data Protection Officer can be contacted on firstname.lastname@example.org
Telford Psychology has prepared this policy so I am transparent about why and how I handle your personal information (data). Under the General Data Protection Regulations (GDPR), I (Samantha Swann-Horler) am a “data controller”, as I collect and use personal data and I undertake to keep your personal data safe and secure.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Information about you
I collect and hold personal information about you in order to provide a service and process payment. In doing this I follow the law and code of ethics set out by the Health Care Professions Council (HCPC), British Psychological Society (BPS) and the Information Commissioner’s Office (ICO).
Categories of information
The categories of information that I collect and hold are classified as ‘personal data’ and ‘sensitive data’. This information includes:
- Your personal information such as name and address and telephone numbers.
- Enquirers information (emails sent between us)
- Characteristics (where appropriate eg ethnicity, language, nationality, country of birth)
- Attendance information (number of sessions we’ve had together)
- Relevant medical information
- Sensitive data: agreements, notes (which may include names of relatives, children, employers etc), letters, reports and any questionnaires used.
If you are referred to me by an organisation, then I also process information and data provided by them which includes basic contact information, referral information and their authorisation to pay or refer you to me.
How I use your information
My professional bodies require me to keep information about the work I do and the people I see. I am unable to offer you a service unless I keep some information about our work together.
I use the information:
- To provide you with a service
- For billing and processing payments
- To monitor and report risk where appropriate
- To review the quality of the service I am providing
- To comply with the law regarding data sharing
To use the legal speak, I have a ‘legitimate interest’ in using the personal and sensitive data that I collect, to provide the most appropriate support service to clients. I am registered with the Information Commissioner’s Office (ICO) and collect and use personal information in order to meet legal obligations and legitimate interests set out in GDPR.
Who I share your data with
Your personal information will only be shared:
- If an organisation is funding your support: appointment schedules may be shared for the purposes of billing. I may also share information about the need to cease or extend our work but this will always be done with your knowledge and a prior discussion.
- When there is a need-to-know situation for another provider eg GP.
- When disclosure is in the public interest (to prevent a miscarriage of justice or where there is a legal duty eg a court order)
- When the information concerns risk of harm to you or someone else. You will be involved in discussion of the proposed disclosure unless to do so is perceived to increase the level of risk to you or someone else)
- To ensure practitioner safety in line with recommendations from the Suzy Lamplugh Trust recommends always ensuring that someone else has access to schedules and contact details for clients and practitioners.
Your personal information will not be shared with third parties for marketing purposes.
Storing your information
I am instructed to protect your data. Any paper files are to be stored in locked filing cabinets. Computers, phones and electronic devices used for phone calls, texts and emails are password protected and follow standard technical safety and privacy procedures.
Your contact details, formal and reports will be kept for 7 years in accordance with BPS and HCPC guidelines, however case notes are kept for the minimum amount of time needed in order to provide the service that you have requested and is then destroyed because the data I hold (eg number of sessions held, dates worked together and any summary documents) are sufficient.
Paper records are destroyed using a destruction service (eg shred-it) which meets industry standards for document management and provides the appropriate certification.
What rights you have over your information
You have the right of access about information held about you. Following a formal written request from you, I will provide the data we have about you within 30 days. You also have the right to have inaccurate personal data rectified. If any data I hold is incorrect or requires updating, please contact me and I will correct it within 30 days of your request.
In the unlikely event of a data breach, I (Samantha Swann-Horler) will inform you as soon as I am aware of it and will notify the Information Commissioner’s Office.
This policy is reviewed annually or when new requirements are mandated.
In summary, Telford Psychology has a comprehensive Data Policy and I adhere strictly to the Code of Ethics and Practices defined by both the British Psychological Society and the Health Care Professions Council (HCPC). These are regulatory bodies for all psychologists.
In summary, all records are kept securely and are only seen by the practitioner you are working with. In line with GDPR (2018) your data will only be used in order to provide the service to you and for managing and quality assuring the service.
This information can also be found in the ‘Terms of Engagement’ and ‘Data Policy’ documents, which are provided when I begin working with you.