West Coast Therapy General Data Protection Regulations
General Data Protection Regulations (GDPR) aims to strengthen and unify data protection for all EU individuals and emphasises transparency, security and accountability for all organisations and data controllers holding personal information.
The principles of data protection are that personal data must be:
Adequate, relevant and limited to what is needed
Accurate and up to date
Kept no longer than is necessary
It must be processed:
Lawfully, fairly and transparently
For specific, explicit and legitimate purpose(s)
In a secure manner
West Coast Therapy (WCT) recognises that privacy is important and is committed to respecting your privacy. We will apply appropriate protection and management of any information you share with us. The information you submit will be kept confidential and with the highest standards of security. The information you provide will be held and used in accordance with the GDPR.
What information is collected?
When you use the Contact Us form, email or telephone West Coast Therapy, personal information about you will be collected by Dr Michelle Hopkins (Data Controller), to decide whether your presenting concerns are an appropriate referral to the service and whether you will then be offered an appointment.
Personal information provided by you will also be used for the following purposes:
Delivery of therapy (including clinical supervision)
Discharge summary letters
End of therapy receipt
Wherever possible, data is anonymised by using initials and/or pseudonyms. All client data is held under common law “Duty of Confidentiality” and Dr Michelle Hopkins works on the principle that personal information is only collected when needed for her to provide your care. She is committed to protecting and respecting your privacy in compliance with the GDPR. However, West Coast Therapy may be requested by An Garda Síochána or by Court Order to release personal records and Dr Michelle Hopkins will by law have to comply with this request.
Cookies are not installed/collected when you visit the West Coast Therapy website.
How is the information stored?
Dr Michelle Hopkins is the only person who can access your personal information held in a structured manual file, located in a locked fire proof filing cabinet. Information stored on computer, for example discharge summary letters, end of therapy receipts are individually password protected per document.
How long is the information stored for?
In line with British Psychological Society (BPS) Practice Guidelines (2017) relating to working therapeutically with adults, personal records must be retained and held securely for 7 years.
Is the information safe?
Information from the website contact form is sent to an encrypted email account. This email account is only accessed by Dr Michelle Hopkins. This information is temporarily held in the email account for up to two months. Then it will either be automatically deleted if no further contact is made or transferred into an encrypted and password protected computer database, if the referral is accepted.
Your personal data will not be used for any purpose than to provide you with a professional clinical psychology service. If your risk to yourself increases (e.g., you disclose that you are self-harming or feeling suicidal), your information will be shared with your consent, with other professionals to access further support via the mental health team in your area.
West Coast Therapy will not share your records with any commercial organisation or sell this information on to third parties for any reason, including marketing.
This website is hosted by one of Europe’s leading internet companies, Blacknight Solutions, 100% Irish owned and based in Ireland http://blacknight.com/
For more information and to read through your rights please visit the Data Protection Commission website http://dataprotection.ie
If you wish to request your personal records, please allow up to 10 working days for us to provide them for you. In the interest of preserving data security, we reserve the right to provide printed copies instead of electronic files.
Some of the above information was produced referencing BPS Practice Guidelines (2017), and BPS General Data Protection Regulation (GDPR) FAQs.