DONNA SEALE’S CLINICAL PSYCHOLOGY PRACTICE PRIVACY NOTICE
This is the privacy notice for Donna Seale’s Clinical Psychology Practice (the “Practice”).
This privacy notice provides information on how the Practice collects and processes your personal data when you have services provided by the Practice, provide information in respect of potential use of the Practice or visit our website.
1. IMPORTANT INFORMATION
Donna Seale is the controller and responsible for your personal data. She is your data privacy manager. If you have any questions about this privacy notice or our data protection practices please contact her.
2. THE DATA WE COLLECT ABOUT YOU
Keeping records is an essential component of healthcare, which helps in understanding how best to help and forms the basis of any healthcare or reports needed. The Practice may collect, use, store and transfer different kinds of personal data about you as follows:
Health Data, which may include details regarding your health and any details you choose to disclose about your sexual orientation, sex life and political opinions, which may be ‘special category’ data under data protection legislation.
Technical Data in relation to website use.
3. HOW YOUR DATA IS COLLECTED
The Practice may collect your data through:
Communication interactions. You may give the Practice data by corresponding with us by post, phone, email or otherwise.
Consultations: you may disclose data during consultations at the Practice.
Provision by other healthcare professionals: in consultation with you, or where provided as part of a medico-legal report, information may be provided to the Practice by other healthcare or legal professionals.
4. HOW WE USE YOUR PERSONAL DATA
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
To register you as a new client.
To provide clinical phycology services to you.
To manage your relationship with us.
We rely on the following legal bases for the use of your personal data:
The provision of health treatment.
Consent where you provide your contact details as part of a communication with us or as part of commencing a service.
Performance of a contract with you in relation to a service to be provided by the Practice, including the provision of clinical psychology services. This also includes taking steps at your request before entering into such a contract.
Necessary for our legitimate interests (for example to manage our billing).
Where relevant, to comply with a legal obligation.
5. CONFIDENTIALITY AND DATA SHARING
Your data is kept in confidence in accordance with the confidentiality standards set by the Healthcare Professionals Council. In consultation with you, the Practice will share data with other health professionals where clinically necessary and appropriate for your circumstances. In rare circumstances, such as where there is a risk of serious harm, the Practice may be obliged or legally required to disclose information with relevant authorities or other healthcare professionals.
6. DATA SECURITY
The Practice has put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Measures include:
Physical records are kept in a locked filing cabinet.
Digital records are stored with a cloud provider which makes use of strong digital security measures.
Confidential information sent by the Practice via the internet will be encrypted and password protected, with this sent separately by text.
Any letters sent to professionals such as GP’s, by surface mail, will be clearly marked Confidential.
All electronic devices (e.g. computer, laptop and phone) and used to access stored information will themselves be password protected.
In the event of a data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
7. YOUR LEGAL RIGHTS
Under certain circumstances, you have rights under data protection laws in relation to your personal data. These rights include:
Request access to your personal data. You may request access to your personal data which will be provided within 30 days of receipt of such request. In some circumstances an administration fee may be payable.
Request correction of your personal data. Where a factual inaccuracy exists in your personal data you may request correction of that inaccuracy.
Request erasure of your personal data. Where you wish your personal data to be erased you may request this of the Practice, who will comply where there is no legal requirement or legitimate interest of the Practice in retaining such data (for example, retention of billing information for taxation purposes).
If you wish to exercise any of the rights set out above, please contact Donna Seale.
You may make a complaint relating to data protection issues at any time to the Information Commissioner’s Office, the UK supervisory authority for data protection issues (www.ico.org.uk).
© Donna Seale 2021