Data Protection & Privacy Policy

Jan Grafton Counselling Data Protection & Privacy Policy

Any personal data provided by you to Jan Grafton Counselling whether in verbal, written, in electronic form will be held and processed in accordance with the data protection principles set out in the Data Protection Act 1998 and the General Data Protection Regulation for the purposes for which you have given consent.

I, Jan Grafton, work as a sole trader so I am independently responsible for holding your data safely.

What information do I collect?

Initial contact – This may be via email, mobile phone or landline. Hence your contact will be recorded and stored via these methods. In addition I will ask for your full name, reason for the counselling request and appointment availability; I record this as written data on paper only.
• At an initial assessment I will ask about your current personal, social, medical circumstances. I may also ask about your background and family history, as well as the issues which are affecting you now. I require this information to establish the therapeutic relationship and to assess if counselling is right for you at this time.
• At the first Counselling appointment I will record on paper the following data: name, address, date of birth, doctor, medication and any health issues, brief detail of any counselling history, who to contact in an emergency.
• Brief notes of each counselling session will be recorded in handwritten format on paper.
• If I have need to write a letter on your behalf then the letter will be stored electronically on my computer but all identifying data will be removed. A printed copy will be held in your file.
• If your payment is via bank transfer there will be a record of this on my bank account and statements.

What do I use your information for?

• To notify you about changes to your appointments and other changes to the counselling service.
• To inform my practice to offer the appropriate therapy for you, the client.
• To keep you, the client, safe in the event of an emergency.
• The retention of client notes is necessary for legal reasons, in the event of any criminal prosecution, civil litigation, insurance claim or complaint to my regulatory body. Therefore the client does not have the right to erase these notes, once counselling ends.

What information do I share?

I will not share any information about you with other organisations or people, except in the following situations:
Consent – I may share your information with professional carers or others whom you have requested or agreed we should contact.
Serious harm – If I feel you are in danger of serious harm to yourself or to other people, I have a legal duty to inform outside agencies, for example your GP, the local mental health crisis team or the Police, I may also contact your agreed emergency contact, however I would try and talk to you about this first.
Compliance with law – I may share your information where I am required to by law or by the regulations and other rules to which we are subject.
Data may be shared with my regulatory body and/or insurance company in the event of a complaint being made against me.
Supervision. I attend regular clinical supervision which is a requirement of my regulatory body (NCS) to ensure my practice remains safe and ethical. Some client details may be shared with my supervisor, but no names are mentioned.
Safeguarding purposes. If I thought a child or vulnerable adult was at risk I would be legally required to notify the relevant authorities, without your consent.

How do I keep your information safe?

All information you provide to me is stored as securely as possible. All paper forms and correspondence are kept in a locked filing cabinet. Recording of contact via electronic devices are subject to being password protected and any stored phone numbers are stored in a coded format. My computer and other electronic devices have protection software, to protect its’ security, that is updated regularly.
Your identifiable personal information is kept separately from any session notes and other descriptive material. Client notes and other documentation are destroyed 7 years after the end of counselling, in accordance with the terms from my insurance provider. Contact details held electronically are erased at the end of counselling.

Online and Telephone Counselling

Your privacy is considered when conducting counselling via telephone or using Zoom video meeting, however confidentiality cannot be guaranteed. I will conduct all sessions in a quiet and confidential space. To ensure confidentiality the client needs to provide a similar space and the use of headphones can assist in this. When using Zoom, the meeting will be set up in advance on this platform, using a code to identify the client. The client will be sent an individual URL for the meeting and once the meeting has taken place the details will be deleted from my account. No online service can be guaranteed as confidential but Zoom is used as it is encrypted and HIPAA compliant (a US regulatory requirement to ensure confidentiality). A full privacy notice for Zoom can be viewed here https://zoom.us/privacy. The sessions will never be recorded by me nor must they be recorded by you, the client.

Your rights

You have the right to ask me to provide a copy of your information held by me. You also have the right to require me to correct any inaccuracies in your information.

Changes to this policy

I may edit this policy from time to time. If I make any substantial changes I will notify you by posting a prominent announcement on my website.