As part of my role as an holistic therapist I will need to have a record of your personal details, such as:
· Full name
· Date of birth
· Telephone numbers
· Medical information
· Healing session records including presenting symptoms and treatment provided
I will give your records a unique reference codes which will be recorded on the top of the initial consultation form.
You have access to this information at all times. To access your information contact the data controller. This information will be kept on a record of treatment form. This is kept in a locked filling cabinet. This information is not stored electronically.
If you have consented to be on my mailing list, your name and e-mail address only are stored through Mail Chimp. You can request to be removed from this mailing list at any time by unsubscribing to the list or my e-mailing
No client files are left on surfaces for other clients / staff to read.
All data taken whilst on a mobile treatment or alternative venues will be transported in a locked bag, out of sight in a boot. No notes are left unattended in a vehicle at any time.
After the initial consultation all notes being transported will use the unique reference codes to identify you as a client. In the rare event they are stolen or lost, you cannot be identified or traced.
All notes will be kept secure for a period of 8 years for adults and will then be destroyed if you are no longer receiving treatment. All children’s notes will be kept until adult age (21), and then destroyed if no longer receiving treatment. Data processing concerning clients aged under sixteen can only be carried out with the express permission of a parent or guardian. Provided the legal minimum period has elapsed, you can also ask us to erase your records
Who is collecting it?
I collect data at the start of your first session. Some information may be requested by email or text message. On occasion data from relevant medical notes / letters and scans may also form part of the data collected.
How is it collected?
Collection of data will happen via pen and paper, email, text messages, occasionally photographs, videos, and letters by mail. No personal data will be collected via publicly visible social media. On occasion, if you have contacted my via social media I may ask you to contact me privately via a messenger service, and ask you send the relevant information. I will not contact you and will wait for your contact. You must only send these details if you are happy to do so. Once I have either recorded them on your consultation form for send goods that you have asked me to send you, the messages will be deleted, therefore I will not store the data this way.
Why is it being collected?
Data is collected to record, guide and supervise your progress and to be able to communicate effectively with you for the best outcomes. It is also used to compare progress week to week and to highlight changes, action to be taken and a detailed dialogue of treatment provided.
How will it be used?
Who will it be shared with?
Data is rarely used to communicate and be shared outside of the clinical environment and will only be done with the client’s permission.
Personal data will be sent by post or email separately to your treatment information and a personal allocated reference code will be used to ensure the individual cannot be identified without the 2 pieces of data recording being put together.
Client experiences can be shared with the public only with full consent from the client themselves. This will be taken in on a consent form signed by the client prior to sharing.
No data is shared with 3rd parties without consented permission.
No data is sold to third parties.
Client contact details may be held on phones. No phones are left unattended. All phones are locked remotely to prevent 3rd parties reading any sensitive information.
No sensitive / identifiable data is sent by email together in the same posting. Unique reference codes are used.
All computers / laptops and tablets are locked with passcodes and not left unattended. Only individuals with permission to read notes can access this data.
I take data protection and privacy seriously and promote this philosophy to all the industry in relation to protecting client data.
The data mapping in place should never cause a client to object or complain. Any queries and requirements are taken seriously and honoured.
Should a data breach occur the client and the ICO will be informed within 72 hours by the data controller who will carry out a full investigation.
The Data Controller
All queries and complaints should be addressed to the data controller:
Laura-Jo Popland Elder by L-J 07772669456
If you are not satisfied with our response, then you have the right to raise this matter with the Information Commissioner’s Office.