Protecting your privacy
Your privacy is of great importance to me and I am committed to complying with the terms of the General Data Protection Regulation (GDPR) regarding the responsible and secure use of your data.
I have a legitimate interest in processing personal data in order to provide psychological services. The purpose of this statement is to let you know what personal information I collect and hold, why this data is collected, how long it is kept and what your rights are with regards to this personal data. I am registered with the Information Commissioners Office (ICO).
When you are referred or refer yourself for psychological services with me you will be asked to consent to the processing of your data under the terms of this policy. I will be responsible for data management, I will abide by this privacy statement, and I will hold my own privacy statement that complies with the GDPR terms.
What information do I collect?
I collect personal data such as name, address, date of birth, GP/medical practitioner details, telephone numbers, and email address. I also collect any data that you give me regarding personal and family background, brief session notes, psychometric assessments and 360 feedback reports, alongside potentially sensitive data relating to medical and mental health conditions.
What do I use your information for?I use your information in the following ways:
- To provide clients with psychological services requested.
- To notify you about changes to your appointments
- To invoice for services provided
- To fulfil any administrative, legal, ethical and contractual obligations.
What information do I share?
I will not share any information about you with other organisations or people, except in the following situations:
- Consent – I may share information with relevant medical professionals or others whom you have requested or agreed we need to contact.
- Serious harm – I may share your information with the relevant authorities if I have reason to believe that this may prevent serious harm being caused to you or another person.
- Compliance with law – I may share information when the law requires me to – i.e. safeguarding, terrorism, drug trafficking and serious crime
- Supervision– It is an ethical requirement for any clinician offering psychological services to have regular supervision. Any supervisor used is an accredited member of the relevant accrediting body and works within their ethical framework. No information is divulged to identify any client.
- Invoicing – It is necessary to share relevant information for invoicing purposes with your insurance provider (BUPA, AXA, CIGNA), this may include name, address, date of birth, insurance company patient number/codes and date of sessions attended.
- Your employer – If your employer is paying for the services I am providing we will agree at the prior to commencing work what information you consent to being shared and with whom at the organisation.
How do I keep your information safe?
- All information you provide to me is stored as securely as possible. I will take all reasonable precautions to prevent the identification (notes are anonymised) loss, misuse or alteration of information given.
- All paper forms and correspondence are kept in locked filing cabinets.
- Formal reports are password protected.
- Whilst I endeavour to keep my systems and communications protected against viruses and other harmful effects, I cannot bear responsibility for all communications being virus free.
- Client notes and other documentation is kept for the time necessary to provide the therapy service requested, however outside of this I will hold your details and session notes for a period of 7 years following the end of treatment to comply with legal obligations that are placed upon me by my insurers. After the 7-year period all notes and documentation will be destroyed.
- Any known data breaches will be reported to the ICO within 72 hours.
- Any requests for personal data need to be made through a data subject access request and will be supplied within one month.
- My website www.drjoperkins.com is maintained by RVLV.agency. Please note that your details are not stored on their systems for any contact requests made through them.
in the case of my death or incapacitation your name and contact details will be shared with my Therapeutic Executor, my PA Helen Doyle who will contact you to inform you of my demise, and to offer support should you wish to receive it. Helen can be contacted at [email protected]
Your rights Under the GDPR, you have the right to:
- Access your personal data – Rectify, erase or restrict your data – Object to the processing of your data – Request transfer of data (data portability).
- You may withdraw your consent for me to hold and process your data at any time. However, if you do this while actively receiving psychological services, the services would need to be concluded. You can withdraw your consent by stating this on an email to [email protected]
If you have any concerns about the way I handle your data please contact [email protected]. If you feel your concerns have not been resolved effectively you have the right to contact the Information Commissioners Office (www.ico.org.uk)
Changes to this policy
This policy is reviewed every 6 months.