This Privacy Notice was produced on the 25th of May 2018 when the law changed with regard to how organisations and small businesses protect your ‘data’ (personal details and records). This is called the General Data Protection Regulation or GDPR (Europe) and The Data Protection Act 2018 (UK). It was updated on the 13th April 2020.
The following summary highlights how GDPR is being implemented, by explaining why confidential information is held and how this is protected https://ico.org.uk
It is assumed that by engaging with this clinical psychology service that you are consenting to records being kept.
1. Information collection on website
Flourish may collect personal information about you when you use the Website and especially:
when you register to the Website;
when you subscribe to the mailing list, register to the forum, post a comment on the Website;
when you fill out a form or a questionnaire on the Website;
and generally we may collect information about how you use the Website.
In this context, personal information held by us may include:
your IP address;
your name, address and contact details (including email and telephone);
date of birth;
help us remember and process your orders on the Website;
understand and save your preferences for future visits;
keep track of advertisements;
compile, aggregate data about the Website traffic and interaction so we can offer you better experiences and tools in the future.
If you prefer, you can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies via your browser settings. Like most websites, if you turn your cookies off, some of our services may not function properly / you will not be able to use the services made available on the Website.
We may contract with third-party service providers to assist us in better understanding our site visitors. These service providers are not permitted to use the information collected on our behalf except to help us conduct and improve our business.
3. Use of information
Your personal information may be used the following ways:
verify your identity;
provide the services you require;
administer and manage those services, including charging, billing and collecting debts;
personalise your experience;
to research and develop our services;
to send periodic information.
Please note the email address you provide for our service may be used to send you information and updates pertaining to your services, in addition to receiving occasional company news, updates, related product or service information.
If at any time, you would like to opt out from receiving future emails, please email us requesting to “unsubscribe”.
4. Disclosing your personal information.
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential.
We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property, or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
5. Third party links
Flourish does not take any responsibility for its advertisers, outgoing links or any other part of its website that is not under direct or total control of Flourish. We advise that users read the privacy policies of external sites before submitting personal information.
6. Access and updates
You have the right to request access to any personal information held by Flourish which relates to you in the manner permitted by the Privacy Act 1988. Right of access called a ‘subject access request’ or SAR can be made for copies of letters but there may be an administration charge if all records are requested, as these may be ‘excessive’. These will be provided within 1 calendar month of the request being made.
To view and update your record, or if you wish to have your personal information deleted, please email us at email@example.com.
7. Storage and security
Keeping records is an essential component of healthcare, which helps in understanding how best to help and forms the basis of any reports needed.
Confidentiality is maintained at all times and your information is not shared unless there are exceptional circumstances. For example it is a professional obligation to inform on a need to know basis if a person is deemed at risk to themselves or others. For more information about this please see The British Psychological Society, Generic Professional Practice Guidelines www.bps.org.uk or talk to your clinical psychologist.
Consultation notes and questionnaires will be held for varying lengths of time depending on the content (and then carefully disposed of). For example, some records may be held indefinitely if there were any issues of concern that could lead to police investigation in the future.
Some mental health records are subject to special legislation, for example, children’s records are kept until age 26 and adult records for 8 years after the last contact with the service Www.gov.uk/government/publications/records-management-code-of-practice-for-health-and-social-care Other records will be stored for between 12 and 24 months, then destroyed using a confidential record destruction service.
Flourish takes all reasonable steps to ensure that the information it collects, uses or discloses is accurate, complete, up-to-date and stored in a secure environment accessed only by authorised persons. Flourish also takes reasonable steps to protect personal information it holds from misuse and loss and from unauthorised access, modification and disclosure.
All information recorded on paper will be securely stored in a locked room and if this has to be transported outside of the office, great care will be taken in other premises and likewise locked in a filing cabinet.
Letters sent by surface mail e.g. to GP’s, will be clearly marked “Confidential”.
Confidential digital information will be stored in a secure cloud service offering high levels of security. Confidential reports sent by the psychologist via the internet will be password protected and in most cases encrypted.
All electronic devices (e.g. computer, laptop and phone) and used to access stored information will themselves be password protected.
However, no data transmission over the internet can be guaranteed to be 100% secure. As a result, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.
In the event of death or incapacity of the therapist, arrangements have been made for records to be held by a named professional colleague who will continue with the above obligations.
If you have any questions, comments or complaints concerning this policy, please contact the Data Controller, Dr Louise Langman by email, firstname.lastname@example.org or use the "Contact us" form available on the Website.
Modified on 26th April 2021
IF YOU ARE IN A CRISIS, PLEASE DO NOT USE THIS SITE. INSTEAD, PLEASE CONTACT YOUR DOCTOR OR LOCAL HOSPITAL.
© 2021 FLOURISH PSYCHOLOGY LTD.