Connect Counselling Service (hereafter “CCS”) is registered with the Information Commissioner’s Office (ICO). It is a member of the Association of Christian Counsellors and an Accredited Service of the British Association for Counselling and Psychotherapy we abide by their ethical codes.
Lawful Basis for Processing Personal Data
- The client gives consent for contact information to be held in order for CCS to communicate with them between sessions.
- Session information is held that is in the legitimate interest of the client to ensure safe, ethical monitoring and therapeutic processing of the work.
- Sharing information with a GP, or similar professional, is only done when it is in the vital interest of the client to protect their life or well-being.
- Name, email address, phone number, address, Date of birth, gender, & GP name.
- Name and contact details of a trusted person provided by the client
- Personal / medical history deemed of relevance by the client.
- Session and process notes which are identifiable only by a reference code, not by client name.
Where does the Information Come From?
- All information is given to CCS directly by the client, verbally or in writing.
- If the client uses an online contact to CCS, the information would then be followed up and supplied via the telephone.
How Does the Service Seek Consent and Communicate About Privacy?
- Clients are provided with privacy information verbally, with key details in writing, during the initial consultation at CCS. Written copies of this policy are provided on request and are also available via Connect’s website. www.connectcounselling.org.uk
- Consent is requested as part of the initial assessment process.
Who Does the Service Share Information With?
- Information is for CCS use only.
- In the event of the unplanned closure of the service the information will be shared with our clinical executors for the sole purpose of informing and supporting the client in a safe and professional manner, in line with ethical practice.
- Non-identifiable information regarding the process of the work is shared with the supervisors and clinical team at CCS.
- The GP or trusted person may be informed if there are serious concerns regarding the client’s well-being or that of someone else. This would be in consultation with the Counselling Team manager, supervisor or Head of Service, and where possible, it will be discussed with the client in advance.
- With a client’s express written request, CCS may provide them with written evidence of the broad fact of their attendance for their personal use.
How Does the Service Seek, Obtain and Record Content
- Clients phone CCS directly and leave their number.
- Emails sent by clients are held on a password protected computer.
- These are deleted when the information is dealt with.
- Active client phone numbers are held in paper copy in a locked cabinet.
- Written details (on paper) are taken at the time of the first consultation.
- Changes to information are made, if a client informs CCS of changes of contact or of their GP.
- Clients are entitled to withdraw their consent to CCS holding their information at any time.
Why does the Service hold Client’s Data?
- For contacting a client for the purposes of our work.
- For contacting the client’s GP, with their consent.
- To record session notes to allow for accountability and monitoring of the work by the counsellor according to ethical practice.
- To ensure the service meets its target population
Where does the Service Hold Information?
- Written information is kept locked in a file.
- Information with identifiable details is kept locked separately from session or process notes and is double locked.
- Written information is held for 7 years and then destroyed by shredding.
- Phone numbers with name and address are kept separately in a locked cabinet.
- Any relevant emails are held until the information has been recorded as identified above.
How does the Service Respond to Requests for Data/ Withdrawal of Consent?
- Clients are entitled to see their notes and any data kept regarding them. The client can request in writing to see them. CCS will then arrange for a client to read their notes as requested in the Counselling Team Manager or Head of Service’s presence.
- Clients are entitled to withdraw their consent to holding their data at any time, by notifying CCS in writing. Existing clients who wish to withdraw their consent will then no longer be able to receive counselling services from CCS.
- Clients are entitled to lodge a complaint with the ICO or with the professional body, BACP, if they are not satisfied with the way their data is being used.
- A request from an outside agency will be discussed with the client where legally appropriate. CCS would only provide confirmation of a client’s attendance and then only with their written consent, unless required by law to do otherwise.
- In the event of further information being subpoenaed CCS reserves the right to provide redacted notes to ensure only relevant and factual information is shared.
Detection of Data Breaches
- A data breach could occur in the event of the hacking of CCS’s email system or a forcible break-in to the locked records.
- In the unlikely event of a data breach happening CCS will inform all affected client’s immediately.