GDPR

The General Data Protection Regulation (GDPR) is concerned with personal information about you, how it is collected, stored and shared. 

This is the GDPR statement for tao-harmony where you will find information on how I collect, save, and share information. 

Tao-Harmony, offers integrative therapy online, as well as face to face, and online guided classes, please note that information collected varies according to your interaction with me.

 

Web access and collection of information online

 

When you contact me to request any services, I collect and save information about you. I also collect information about you when you book an initial consultation, complete any forms, and/or when we contact each other for whatever reason between session or classes. This information is saved online.

For security reasons I would not advise that you send any therapeutic content in an ‘open email’. I would recommend that you send it as a Word document attachment to your email.

 

Health record collection and confidentiality (for the use of therapeutic work only)

 

Your health record is kept confidential and all information is stored securely. I follow the ethical guidelines of the British Association for Counselling & Psychotherapy (BACP).

When you contact me to enquire about therapy, I collect your personal information including: your name, phone number, email address, occupation and medication. I keep records of your appointments, brief notes on the topics covered during the sessions and your concerns.

Session related information attendance and topics covered in the sessions will be initially stored electronically without identifying details and protected by a coding system. Your personal details and any information collected during the initial intake meeting (including possible referral letters, questionnaires) are stored in paper format in a locked cabinet. Once you have finished working with me I store hard copies of the session notes in your file that is in a locked cabinet. The information is kept up to 7 years after you have completed working with me for legal reasons.

As part of the intake process, I request your GP surgery details. At times I may seek further consent for sharing information if necessary.

Working with private medical insurance companies: I share your attendance with the referring insurance company, or your HR department, this is always with your consent. Storage Methods for clinical services:

  • Paper written notes as described above

  • Electronic storage: unidentifiable, brief session notes covering the topics covered are saved on cloud based storage and protected with a password. When we stop working together, the notes are saved offline for 5 years and then shredded.

  • Email: I used a Google based email. Your email address and our correspondence will be stored in this account.

 

Sharing information

 

You are asked to sign a consent form if your information is necessary to share with a third party. I ask you about sharing information with your GP during the first session. As discussed above the exceptions to sharing information about you may take place if there was a danger to yourself or others.

 

Supervision

 

The content of your emails will not be communicated with a third party except for the purposes of supervision of my work. In this instance your identity will not be revealed.

 

In case of emergency

 

If I have a reason to believe that you are at risk to yourself, to someone else, or there are child protection issues I am required to act upon these concerns. In that case I am obliged to breach confidentiality by speaking to e.g. a crisis team (harm to self) or the police (harm to others / an organisation e.g. in case of terrorism) or child protection services / NCPCC. If I have to breach confidentiality, where ever possible I aim to discuss this with you first.

If I was to encounter an emergency myself and was unable to contact you myself, your name and contact details might be shared with a trusted person to inform you about the changes in our meetings. No other personal information would be shared.

 

Your rights

 

You have the following rights…

  • To be informed what information is collected and how it is stored

  • To see the information I hold about you

  • To rectify any inaccurate or incomplete personal information

  • To withdraw consent to me using your personal information

  • To request your personal information be erased (although if the information is needed for me to practice lawfully and ethically I can decline)

 

Therapeutic Will

 

Your name and contact details will be shared with my Therapeutic Executor. This is so that you will be contacted in the event of an accident, severe illness, or my death, should you still be in therapy with me.

 

Emergencies

 

If your health is in jeopardy (provided I have your consent) I may share your contact data with an emergency healthcare service (e.g. Mental Health Crisis Team). If I have become aware of your intent to cause harm to another person/organisation (e.g. terrorism), the law may require that I inform an authority without seeking your permission. In such a situation, the law may require that I share your personal data without your knowledge (known as: whistle-blowing).

 

Erasing your Data

 

At the end of our email agreement a paper copy of the exchanges of emails will be stored securely offline for a period of 7 years and then destroyed by shredding after this time. No electronic records will be stored after the ending of counselling.

When we have finished working together, I will erase electronic copies of your data & correspondence within one month. I will hold onto your written/printed data for up to seven years past the end of our working together. This is so that I have a reference of our work in situations such as you returning to counselling in the future. After this time has passed, I will destroy the written/printed data.