Privacy Policy
Section 1
I am fully committed to ensuring that your privacy is protected.
Third party privacy statement
Your information does not get shared with anyone else within my private practice, as I manage my practice myself, and operate my business independently.
From the moment you get in touch with me I will never try to obtain information about you from any third party without your knowledge and consent.
I will never share your information with any third party - unless you explicitly request this.
I am required to have regular supervision with another professional therapist as part of my ongoing practice with the British Association of Counselling and Psychotherapy (BACP). I never disclose any personally identifying information about my clients within supervision.
There are only three lawful exceptions where I do not need your consent to share information to a third party: child protection, court order and risk to life.
The lawful basis for processing your data
I only use information about you in ways that are core or legally essential for me to fulfil my role as an effective, safe, ethical and responsive counsellor and psychotherapist.
I never keep or use your information in non-essential ways.
Under GDPR regulations 2018, I am what is known as the 'data controller' and also the 'data processor', and I have specific responsibilities and requirements, accompanying these roles to protect your privacy.
I am bound by their policies with regards your privacy, as well as the BACP code of professional practice.
Disclaimer: Your role in protecting your own privacy
I make every effort to ensure that my clients' personal information is held securely and to safeguard against unauthorised access, whether I receive it in person via phone chat, voice message, email, text, website form, or Zoom conversation.
At the same time, in agreeing to my privacy policy:
1. You acknowledge that the privacy of your communications and personal information can never be completely guaranteed when it is being transmitted over the internet.
2. You acknowledge and agree that you share information via the internet at your own risk.
3. You agree to take responsibility for your own role in safeguarding your data privacy in the email address you choose to use and whether or not you choose to password protect information you send to me.
My suggestion is that clients endeavour to take the following actions if possible:
1. To email me from an email address that does not have your full name in it
2. To only include your first name in any documents you send me
3. To password protect documents that you may send me
How do I obtain information about you?
I obtain information from:
• What you choose to share with me when you first contact me via my website's contact form, or when you phone or email me to make an enquiry.
• What you choose to share with me - information you send me by email and over the phone (text or voice message)
• sessions we have together in person face to face, by phone and online (Zoom)
• Your health insurance company or healthcare provider, if relevant, and with your consent
• If we agree to work together.
Your privacy when you first get in touch
I'll only keep your contact information if I have the capacity to respond and be of help to you.
My website's contact form
If you get in touch via my useful contact form, you've got options to choose what information you wish to share with me.
Your information is not stored anywhere on my website platform - I've disabled that option, so your contact form goes directly through to me via email.
About your initial free consultation
If you have an initial consultation with me over the phone/Zoom, this is free and there is no obligation to start once you've had this, you can choose how much you would like to share at this stage. The purpose of your initial free consultation is to provide you with more information about the therapy, get an overview of your presenting issues, and to ascertain and assess suitability deciding if I am best placed to work with you. The initial consultation will also give you an opportunity to ask any questions,
Your privacy in our teamwork together
Emailing confirmation
After we have decided on an initial appointment I will usually send you a confirmation email detailing the venue, fee and other relevant practicalities.
Online sessions
Online sessions are delivered through Zoom. This communications service has updated their privacy measures to ensure they are fully compliant with GDPR regulations 2018.
You are welcome to install the Zoom app if you'd prefer to have online sessions.
Sessions where we meet in person
The consultation room that I use is specifically for the purpose of delivering therapy and is a discreet and confidential professional setting for practice.
Obtaining information from third parties
If your therapy is being funded via a health insurance company, your insurance company may provide me with information, but this would never be without your prior knowledge and consent, in accordance with your agreed contract with them. Insurance companies typically encrypt or password protect sensitive information that they share.
On occasion, with your prior knowledge and consent, I may have reason to ask to obtain information from other healthcare providers involved in your care, for example if you are working with a psychologist, psychiatrist or another therapist. This will only be to ensure I am providing the most appropriate, safe, responsive and effective therapy for your needs.
If you're working with another healthcare provider, such as a psychiatrist or psychologist, you or they may wish for me to have information about you. From 25 May 2018 all organisations and businesses will be required to ensure their privacy policies are fully compliant with GDPR directives. Please ensure you know your privacy rights with each party involved in your care. You have a right to view any information that is shared about you, and a right to have any information rectified that is incorrect.
I will never knowingly receive information about you that you have not given permission to be shared.
In rare and exceptional situations a family member, partner or friend may contact me, but that could only happen if you decided to share my details with them. All actions from that point would need to have you at the centre, with your full consent and you guiding appropriate therapeutic decisions at every step of the way.
What type of information do I collect about you?
I may collect the following personal information from you if we decide to work together, because, as a registered healthcare practitioner, I would be reasonably expected to have this in case of an emergency.
Personal Information:
• Your name and contact details
• Who should be contacted in case of an emergency (e.g. next of kin)
• GP address If health insurance is funding your sessions I also need your name, date of birth, address, plus your membership and authorisation codes to pass security checks with your health insurance company.
Sensitive information:
Given the nature of healthcare related data, some of the information you may share with me is likely to be classified as sensitive. I'm legally required to take strong measures to protect your confidentiality with any of the following sensitive information that would be important for me to know in order to help you:
• Your mental and physical health
• Use of alcohol, prescribed and non prescribed drug use
• Any criminal offences or alleged offences
If you choose to share any information with me about your relationship or sexual history or orientation, your family, lifestyle, employment, religion or cultural background, this is also respected as 'sensitive'.
What do I use your information for?
I may at times need to ask you about some of the above sensitive information with the specific purposes of ensuring that:
• The service I provide to you is properly responsive to your specific circumstances and needs.
• I make safe and effective clinical and therapeutic decisions
• I respond to you in the most considerate way
• We communicate openly with one another to make wise and appropriate decisions together in a teamwork approach
With regards personal and sensitive information, I don't need to have a written record of everything you share with me. I keep my note taking outside of sessions to a minimum, and encourage my clients to keep their own notes of useful ideas, insights and reflections. As they relate to you and your progress, it's much more relevant and helpful that notes are written by you and stay in your possession.
There are some things that I must, legally, have a written record of, if it is in direct relation to your safety or the safety others, such as emergency contact information, or information related to suicide risk, child protection, domestic abuse, or other violent crime, or should I ever need to account for my clinical decisions and/or respond to complaints.
Transparency of record keeping
Records comprise of:
• The emails, reports, forms or letters you have decided to send me.
• Emails, reports, forms or letters I have sent to the email address of your choice.
• Any information you have forwarded to me from a healthcare provider or insurance company.
• Any information I have received from a healthcare provider.
• Any information I send to an insurance company or healthcare provider.
• If a legal or risk issue has been identified: risk assessment, risk management plan, and my clinical supervisor's recommendations, the risk assessment will be shared with you.
Measures I take to store your data securely
These are the measures I take to protect your data before it can be deleted or destroyed:
Storing paper information securely
I keep handwritten or printed information about you to an absolute minimum in order to protect your data. I do not print or keep duplicate information wherever this can be prevented. For example, if you or your insurance company have sent me digital information via email, I do not then print it.
All handwritten or printed information that has any personally identifying information on it about my clients is kept in a securely locked filing cabinet.
Keeping electronic information securely stored
My devices are all password protected, with strong passwords that are all different from each other, and which I change at suitable intervals.
I do not share my devices or passwords with anyone else I do not store any personally identifying information of my clients on a mobile phone, except for your number and names are coded.
If you get in touch with me via phone, Zoom, e-mail, the contact details you use are stored, but I do not store any therapy related information on these platforms.
I do not record phone or Zoom sessions. If you wish to record a session then you'd need to let me know and we can discuss the ethical considerations.
If I need to electronically send a report or invoice then I would e-mail this to you separately, in certain situations this may also be password protected.
I clear any downloads related to client information on all devices when not in use.
I do not keep your personal or sensitive information stored on any external hard drive or memory stick. While our work is active.
Third parties
There may be occasions when I need to share personal or sensitive information about you with third parties, specifically, your insurance company or other health professionals involved in your care. When I do so, I comply with all aspects of the Data Protection Act 1998 (DPA).
Your insurance company
If you are claiming the cost of your sessions through your insurance company, your insurance company may request details of your treatment and progress from me in order to authorise further funding for your treatment. I will share the minimum amount of information necessary with your insurance company.
Specialist healthcare providers If there is a specialist healthcare provider, such as a consultant physician or psychiatrist, NHS mental health service, dietician or nutritionist, psychologist or other therapist involved in your care, and your treatment with them could be negatively impacted if they did not know you were working with me, I consider this very carefully.
I will always ask you for your consent before sharing any personal or sensitive information when liaising with other health professionals who may be involved in your care.
I will always ask you for your consent before making appropriate referrals to other healthcare providers. I will also check with you what information you do and do not wish for me to share. I only share sensitive information that would be of direct importance to your healthcare i.e. directly relevant to you getting the most appropriate treatment for your needs.
I would ensure you have a copy of any email or report I send.
General practitioners (your GP)
It is not typically necessary for me to contact a client's General Practitioner, unless you and I have concerns about the medication or treatment that a general practitioner may be prescribing you, or if your GP is the gateway to enable you to access other healthcare that you need.
If I share any information with your GP it will be in written form, in explicit consultation and collaboration with you, with the purpose of you getting better quality health care. I would ensure you have the opportunity to edit before it is sent and that you have a copy of the final draft.
Legal exceptions to obtaining your consent
There are some situations where I would be required to share your information with third parties, without your consent:
• Court Order If I am required to disclose data about you, under a Court Order for me to do so.
• Child Protection If I am concerned about the welfare of a child, i.e. where there are child protection issues relating to potential physical, mental, sexual abuse or serious neglect.
• Risk to self or others (Safeguarding Concerns)
Where there is an imminent risk of serious harm to yourself or harm or exploitation of others.
If you are seeking help and you are perpetrating a serious crime against someone, or you are actively suicidal, I am unable to protect your right to privacy, as I must take appropriate action to protect the rights of children and vulnerable adults if I believe they are at risk. In those instances, I will always follow local and national safeguarding policies and the BACP Standards of Conduct, Performance and Ethics.
If you are worried about your safety or the safety of someone else, it is very important that you get access to the right kind of help as soon as possible. In crisis or high risk situations, it may well be more suitable for you to prioritise getting linked up with a therapeutic team who specialise in crisis or high risk situations. I will do my best to get you linked up with the most relevant sources of help, as a sensible alternative to working with a sole practitioner like myself.
How long do I store your data?
I ensure that if any information is obtained that this will be stored securely until a time it is no longer necessary in line with the GDPR statutory retention period. My retention period is three years after which I will dispose of any data which includes written case notes and files on a client.
Your Individual Rights
You have a number of rights when it comes to your personal data.
Your right of Access
You have a right to make a written request for the details of personal information that I hold about you. You can simply email me and I will be happy to share the records that I have for you.
Your right to rectification
If you believe that any information I am holding on you is incorrect, incomplete or needs updating, please email me with details and I will promptly make the right changes. I will always show you any report or letter I write to a third party before I send it, and invite you to rectify it as you see fit.
Your right to portability Any information that gets generated in our work together, such as reports or letters, you are most welcome to share with other people if that would be helpful to you. I will do my best to only keep information in a form that is easily portable for your convenience.
Your right to lodge a formal complaint
If you believe that your rights under the GDPR regulation have been infringed, or that the processing of personal data relating to you does not comply with lawful regulation, visit the Information Commissioners Office to find out how such matters can be dealt with on your behalf. Their helpline is 0303 123 1113.
Section 2
This privacy policy is for the website, www.therapylives.com and operated by Jonathan Emeruwa. The policy will explain areas of this website that may affect your privacy and personal details. Additionally it will explain the use of cookies or software, and the downloading of any document files made available to you on this website.
The DPA & GDPR May 2018
This website complies to the DPA (Data Protection Act 1998) and to the GDPR (General Data Protection Regulation) 2018.
Contact & communication
Users contacting me through this website do so at their own discretion and that confidentiality will be adhered to if using the services. I ensure that if any personal information is obtained for the purposes of the service provided that this will be protected and stored securely until a time it is no longer required or has no use.
External website links & third parties
Although I only look to include quality, safe and relevant external links, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website. (External links are clickable text / banner / image links to other websites).
Shortened URLs; URL shortening is a technique used on the web to shorten URL’s (Uniform Resource Locators). Users should take caution before clicking on shortened URL links and verify their authenticity before proceeding.
I cannot guarantee or verify the contents of any externally linked website despite my best efforts. Users should therefore note they click on external links at their own risk and I cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Website visitor tracking
Any external website links outside of this site may use tracking software to monitor it's visitors to better understand how they use it. The software will save a cookie to your computers hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information.
My cookies policy
The website uses cookies for the following purposes:- to enable my website to function - to provide NOT personally identifiable analytics information - to allow third party tools necessary for the features on my website to function.
Use of cookies on my website
My website uses session cookies and persistent cookies. With session cookies, when the browser closes, the cookie is permanently lost. With persistent cookies used on my website, there is a specific expiration date, upon which the cookie will be automatically removed from your device or computer. The information I collect about you on my website When you visit my website, I collect two types of information about you: 1. “Non Personal Information”, which is information that doesn’t identify you personally. This includes the country and region that you're in when you access my website, time of access, the pages you've visited and the time spent on my site. When you access my site, I automatically collect this sort of information via Google analytics cookies. It helps me to have an overview of how people are using my site, which in turn can help me make sensible decisions to improve the user friendliness of my website.
Purpose of cookies
Cookies are there to better the user’s experience while visiting the website and can be blocked at any time by using the user’s software options or the website’s blocking functions.
What are cookies?
Cookies are small files saved to the user’s computer’s hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website. Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors or use the cookie control system if available upon their first visit.
Your choices regarding cookies
You can choose to delete, block or disable all cookies from all websites, or some websites. If you choose to block cookies, you just need to be aware that some of the features on my website may be inactive and some of my pages might not display correctly. This will be the case for most other websites too. Should this happen, you always have the option of changing back your cookies setting again.
How to disable cookies
If you'd like to restrict the use of cookies, you can do this through your browser settings.
Social media usage
Whilst I may have official profiles on social media platforms such as 'linkedin' users are advised to verify authenticity of such profiles before engaging with, or sharing information with such profiles. I will never ask for user passwords or personal details on social media platforms.
There may be instances where my website features social sharing buttons, which help share web content directly from web pages to the respective social media platforms. You use social sharing buttons at your own discretion and accept that doing so may publish content to your social media profile feed or page. You can find further information about some social media privacy and usage policies on their websites.
Downloads
Any downloadable documents or files made available on this website are provided to users at their own risk. Whilst all precautions have been undertaken to ensure only genuine downloads are available users are advised to verify their authenticity using third party anti virus software or similar applications. I accept no responsibility for third party downloads and downloads provided by external third party websites.
Changes to our privacy policy
Any changes we may make to our privacy policy in the future will be posted on this page and if you request notification of these changes this will be sent by e-mail. Please check back at a later date to see if there are any updates to our privacy policy.
Contact
Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to [email protected]
Updated 16-03-2021