GDPR Policy

The General Data Protection Regulation (GDPR) became law on 24th May 2016. This is a single EU-wide regulation on the protection of confidential and sensitive information. It enters into force in the UK on the 25th May 2018, repealing the Data Protection Act (1998).

This Notice describes how we collect, use and process your personal data, and how, in doing so, we comply with our legal obligations to you. Your privacy is important to us, and we are committed to protecting and safeguarding your data privacy rights.

 

Your rights

We are committed to protecting your rights of privacy. They include:

  • Right to be informed about what we do with your personal data
  • Right to have a copy of all the personal information we process about you
  • Right to rectification of any inaccurate data process, and to add the information we hold about you if it is incomplete
  • Right to be forgotten and your personal data destroyed
  • Right to restrict the processing of your personal data
  • Right to object to the processing we carry out based on our legitimate interest

 

Collection of Personal Information

Silver Street Clinic will be what is known as, the ‘Controller’ of the personal data you provide to us. We collect basic personal data about you including name, address, contact details, such as email and mobile number etc. If applicable, we will also collect further confidential information from sources, which you may have been referred by, such as your GP or other local authorities. We collect this information because it is in the legitimate interests of your assigned clinician to see and analyse this information in order to carry out an initial assessment or to deliver the appropriate care required.

To ensure you are both assessed and/or treated safely and appropriately, we record your personal information, as well as all contact you have with your clinician, such as appointments/sessions, treatment notes, results of sessions and letters relating to your care. This data is kept confidential by your clinician at all times.

 

Clinicians may also collect further information regarding:

  • Medical Conditions (if relevant)
  • Prescribed Medication
  • Psychological history and current difficulties
  • Sexuality
  • Offences (including alleged offences)
  • Financial information, including bank account details (if you are a private patient)

Not all this information will be collected directly from you. If you are a patient that has been referred to Silver Street Clinic, password-encrypted files will always transfer any information deemed relevant for the clinician.

 

Protection of Records

The client’s therapist holds responsibility for record keeping, data protection and safe storage of notes in accordance with their own professional guidelines (NMC, BACP, BABCP, UKCP or other), and in compliance with EU General Data Protection Regulations (GDPR) rules.

Records stored within Silver Street Clinic are kept in a secure file, not on a desktop. Physical records are kept in a secure locked cabinet when not in use. Any electronic data is encrypted. Any data that holds sensitive information such as the client’s name is encrypted with a password.

 

Sharing of Personal Information

In many circumstances, we will not disclose personal data without consent. Your information may be shared with outside organisations if they are directly involved in your care, for instance, organisations funding your treatment or your GP. All clinicians will discuss with you who they discuss your care with, and what details they will share with them.

If your health is in jeopardy clinicians may share your contact information with an emergency healthcare service. If you are under 18 years old and your health is in jeopardy, your information may be shared with your parent/guardian.

If your clinician becomes aware of your intent to cause harm to another person/organization, they have a legal obligation to inform an authority without seeking your permission.

 

Destruction of Data

All client information and data is required by law to be kept for seven years following the date of the client’s discharge. Once this period has ended all data is permanently deleted from any laptop, handheld mobile device, or any physical copies will be destroyed. Physical paper copies are destroyed by confidential shredding.

 

Complaints or Queries

We aim to meet high standards when collecting and using personal information. For this reason, we take complaints about this very seriously. We would like to encourage people to bring it to our attention if they think the collections or use of information is unfair, misleading or inappropriate. We also welcome any suggestions for improving our current procedures. If you do have a complaint, you can find Silver Street Clinics contact details on our website: www.silverstreetclinic.com