The General Data Protection Regulation (GDPR), came into effect on 25th May 2018 and provides a legal framework for ensuring the safety of personal information by organisations. The framework insists that organisations have effective systems in place for handling and storing personal information. It also stipulates that people cannot be contacted by organisations without having given permission for sharing of information.
Dr Taylor’s Independent Clinical Psychology and Psychotherapy practice understands that privacy is important to its clients and customers and that they care about how personal data is used. We are committed to safeguarding the privacy and security of the personal information of all our clients.
The following privacy notice outlines how Dr Taylor manages your data and your rights in relation to this.
Personal Information held by Dr Taylor and why:
Dr Taylor’s Independent Clinical Psychology and Psychotherapy practice collects personal information provided by you or a referrer, e.g. insurance company/solicitor appropriate to the service you are accessing, e.g. therapy or supervision. Such information includes for example; your name, date of birth, contact details (phone numbers, email and address), GP details, your place of work, and where relevant previous reports generated in relation to accidents or injuries sustained. This information is held so that contact can be made with you to arrange appointments for relevant services but also to be able to access support systems for you should you require this over the course of your treatment with Dr Taylor. Information is also held to be able to communicate with you regarding payments (for self-referring clients), e.g. invoicing. Personal information held is with a view to providing you with a safe, effective and professional service.
Written notes are made during sessions and stored in a locked filing cabinet. Less comprehensive electronic notes summarising key themes and any risk concerns are documents on a secure online electronic notes system. Where electronic communications are made, emails and texts are also stored if they contain clinical information. Texts and emails arranging appointments are not stored. Your first name and the first letter of your surname will be held in Dr Taylor’s phone contacts for the duration of your therapy/supervision. At the end of therapy/supervision Dr Taylor will remove your contact from her phone.
Keeping Information accurate and up to date.
It is your responsibility to ensure that Dr Taylor is made aware of any relevant changes to your personal information that she requires to be able to provide you with an effective service.
Sharing of information:
Often referring agencies require reports across the duration of assessment and therapy. Dr Taylor uses the information you share with her in sessions to provide referrers with a brief summary of assessment and treatment outcomes, e.g. progress made in relation to goals. Dr Taylor does not divulge sensitive information shared in sessions with referring agencies unless she is concerned about risk of harm to yourself or others. Where Dr Taylor is concerned about risks, she will endeavour to discuss this with you and seek your consent to share the information. However, there may be some instances where she has pressing concerns about safety to yourself or others and at such times it may not be appropriate to seek your consent before sharing with appropriate agencies, e.g. GP, police, other relevant professionals. Dr Taylor prioritises keeping people safe at all times. If information is shared without your consent, Dr Taylor will discuss this with you and her reasons why as soon as is practically possible.
Reports are shared with referrers electronically, and sent either via secure email systems, e.g. Egress or documents are password protected and the password is provided in a separate email. Different referring agencies have different requirements for sharing of reports. If you wish to see the content of reports prior to Dr Taylor sharing them, please do ask. Dr Taylor considers information shared with her by you, to be your information and is happy to discuss her clinical notes with you at any time.
In cases where supervisees are seeking Accreditation, personal information that is required on the application is shared with members of the EMDR Association. You will have provided that information to Dr Taylor and so will be aware of what is being shared with the Accreditation committee within the EMDR UK Association.
Dr Taylor may have to share your data with third parties, including third-party service providers. She may share personal data about you with outsourced service providers such as accountants and virtual assistants pursuant to GDPR compliant written contracts.
Dr Taylor may be required to share your personal information with others where there are legal proceedings or in complying with legal obligations, a court order, or the instructions of a government authority.
Dr Taylor will not sell, distribute or lease your personal information to third parties.
Dr Taylor requires third parties to respect the security of your data and to treat it in accordance with the law.
How secure is my information with third-party service providers and other entities?
How long is data held for and where?
Dr Taylor is legally required to keep clinical records for 7 years after the end of your contact/treatment for adults. Written notes are stored in a locked filing cabinet in anonymised envelopes. The filing cabinet key is kept in a coded key press and the key to the office is kept in a coded key press elsewhere to enhance security of your data. The building where the filing cabinet is held is alarmed. Electronic information is password protected. Emails and texts are kept on a laptop, ipad and iphones, all of which are password protected (passcodes of fingerprint access). IT systems are regularly backed up with appropriate secure and encrypted systems.
How to request access to your data:
You are able to request access to your notes by putting your request in writing or making a verbal request to Dr Taylor using the contact details for the business. You will be provided with your information within 40 days. You are able to check records for accuracy, and request correction or deletion of your information. Dr Taylor recommends that if you request to see your notes, that you go through them with her so that any concerns or queries can be addressed there and then.
You can also request that your information be deleted or destroyed before the 7/25 year expiration date. Dr Taylor will discuss each request with you and relevant parties, e.g. referring agencies. Dr Taylor will seek advice from her professional governing bodies, e.g. The Health Care and Professions Council (HCPC) and the Information Commission Office (ICO) on a case-by-case basis at the time of the request.
If Dr Taylor is aware of any breach of personal data security, she will contact you as soon as possible to discuss this. Where appropriate, Dr Taylor will advise the ICO.
Dr Taylor is registered with the ICO. If you wish to complain to the ICO about Dr Taylor’s GDPR compliance, you can contact them directly. The ICO website is ico.org.uk.
Changes to this Privacy Notice
Tel: 07533 075101
"Although treatment was challenging, it was the best thing I have ever done. Prior to treatment with Dr Taylor, I felt like I was biding my time here and every day was a challenge. Post treatment, I feel human again, I am now able to face the day without the past impacting on me". Verified March 2021
"Dr Taylor was so supportive throughout the process and enabled me to feel safe (and empowered!!!) even when recalling traumatic events. I am so grateful for all her help". verified March 2021
".......told me that she is experiencing some relief to the flashbacks/night terrors, which is the first positive thing we have heard for a long time - so thank you-thank you-thank-you". Mother of a client. Verified March 2021.
"I had been described as suffering with a number of diagnostic conditions over the years. I didn’t realise that they were all linked to my childhood".