When a client trusts me with their personal data, I take my responsibility to protect it very seriously. I respect privacy, and the clients’ rights to control their personal data. With that in mind, I want to be clear about the data I collect and why. In keeping with this and being mindful of the Data Protection Act 1998 and GDPR I hereby declare my intentions and obligations regarding processing client personal data.
The Data Controller
I am Susan Collins BA (Hons), Reg.MBACP, MNCS (Accred.), MAC, MCMA and as owner of the business, I am the Data Controller.
Peaceful Soul, previously known as Peaceful Soul Counselling, Soul Connection Holistics and Soul Connection Holistic Therapy, is my therapy business and I collect information in the natural course of dealing directly with clients and potential clients, either in person or by phone.
Details of Peaceful Soul’s business, online presence and contact
Susan Collins, as owner of Peaceful Soul, and its’ predecessors, offers Counselling, Life Coaching, Mindfulness, Massage, Reiki and Ear Candling Complementary Therapies. This work is predominantly face to face and in person business, however, in the case of Counselling and Life Coaching, may also be by phone.
In addition to the website, there is a Facebook presence for Peaceful Soul Therapies at https://www.facebook.com/PeacefulSoulTherapies/?ref=bookmarks and while there is a link from www.peacefulsoul.uk and the Facebook page, this link is not vice versa.
What personal data do I collect, why and your right to view
Firstly, please be assured I do not and will not sell client personal data to third parties.
In the natural course of business, from enquiry to therapy, I will collect the following client personal data:
- Full Name
- Telephone number
- Mobile phone number
- Email address
- GP’s Name and Address
- A brief medical history for the client
- Signature on Therapy Agreement
If necessary I will seek the clients’ consent to relay voice only messages, through a third party trusted by the client, if the client not available to take the call. In this case an addendum is written on the Therapy Agreement and client signature is added to approve.
Personal information details 1-8 inclusive are used within the Client Therapy Agreement and form the client record.
Information 6 and 7 is collected for the following reasons:
- If the client is taken ill during a therapy session and I need to summon outside medical assistance, either from the clients GP or from the Emergency Services, then this information will be passed to them for them to help the client from an informed position.
- In the case of Massage 7 above allows me to assess the clients’ suitability for Massage and to ensure that the client does not have a history of excluded conditions.
- Sometimes following Reiki Therapy there is a ‘Healing Crisis’ and having the information at 7 above is useful when dealing with a ‘Healing Crisis’.
For face to face in person therapies, information is collected in hard copy paper format. Nothing is collected or stored electronically. Therapy Agreements are stored safely and securely in a combination lock safe in my home.
For telephone Counselling and Life Coaching Therapies, email is used to transmit Therapy Agreements, and to receive copies Signed from clients. Once received the documents are printed and filed in the same safe and secure way in a combination lock safe in my home. Emails are not stored on the computer, instead, once printed, they are deleted.
Session Notes and Record Keeping
Following the clients’ session, I will make some brief notes which are referred to as session notes. The session notes are anonymised by a code and are stored securely, under separate lock and key, from client personal information.
Please be assured I welcome discussion and input regarding security of your personal information, so if you have any concerns please talk them through with me.
A clause in my Insurance Policy requires that all notes and personal information is stored for a period of 7 years and thereafter securely destroyed.
This is a very important aspect of the therapy relationship. Therapy sessions are confidential; however, there are circumstances when confidentiality cannot be assured.
Firstly, if a client tells me that they intend to harm themselves or others, or if they tell be about ongoing child protection issues, then I will try to discuss it with the client, and gain their consent, before taking it further.
Secondly, where there is a legal requirement to disclose information. This could be because it has been ordered by a court, or because the law requires, for example under the Terrorism Act 2000 or the Drug Trafficking Offences Act 1986. In these circumstances personal information may be passed without client consent.
For telephone counselling only, the client is advised to be aware that whilst using the telephone, or any other online technological platform for counselling, there is always the potential for the contact to be overheard or listened in to. If this should occur, the client is asked to accept that is a third-party issue and beyond my control.
The client should also be aware that when the client makes payment by online bank transfer then their account name will appear on my bank statement. Again, this is a third-party issue and is beyond my control.
For Telephone Counselling only, I declare that following Telephone Counselling sessions I delete the call log record.
For Text Messaging only, a phone number is provided for cancellations or other changes to appointments. Once the text has been actioned and the conversation completed, I delete the record from the call log.
In the case of a request for supporting information for provision to a third party, I print a hard copy of the request and file with the client Therapy Agreement, then delete the record from either my phone or the email.
Client Rights over their personal data
The client has the Right to request sight of information stored on them. If the client wishes to make such a request client is asked to do so in writing and give 7 days’ notice.
The client has the Right to ask for changes to the information stored. However, in this regard the client needs to be aware that there is a clause within my Insurance Policy requires that I keep records for 7 years. This legitimate reason would make changes to client records difficult, if not impossible.
Record Retention Period and what happens then
A clause in my Insurance Policy requires that all notes and personal information is stored for a period of 7 years and thereafter securely destroyed. I declare that client personal information and notes is destroyed either by shredding, which is collected by my local council as part of recycling, or by burning.
The Facebook Page has been set up in good faith to allow the public access to inspirational material and quotes, and further to allow me to advertise my business. If a client chooses to leave a review of my services on the Facebook Page then please be aware that this Page is viewed by Public and therefore the review will not be displayed confidentially, in these circumstances the client does this at their own risk.
If a client wishes to leave a review then, to protect client confidentiality and privacy, particularly for Counselling, that review may be sent by email directly to Susan Collins at firstname.lastname@example.org. Once the email is received then Susan will anonymise the review and post onto the website. This maintains client confidentiality.