Your privacy is of great importance to Fiona Dunkley and we are committed to complying with the terms of the General Data Protection Regulation (GDPR) regarding the responsible and secure use of your data.
Fiona Dunkley has a legitimate interest in processing personal data in order to provide psychosocial services. The purpose of this statement is to let you know what personal information Fiona Dunkley collects and holds, why this data is collected, how long it is kept and what your rights are with regards to this personal data. Fiona Dunkley is registered with the Information Commissioners Office (ICO).
When you are referred for psychosocial services with Fiona Dunkley you will be asked to consent to the processing of your data under the terms of this policy. Fiona Dunkley associates will also be responsible for their own data management, will abide by this privacy statement, and will hold their own privacy statement that complies with the GDPR terms.
What information does Fiona Dunkley collect?
Fiona Dunkley collects personal data such as name, address, date of birth, gender, GP/medical practitioner details, deployment details, employer’s details, telephone numbers, email address and Skype address. We also collect any data you give us regarding personal and family background, alongside potentially sensitive data relating to medical and mental health conditions.
What does Fiona Dunkley use your information for?
We use your information in the following ways:
- To provide clients with psychosocial services requested from Fiona Dunkley.
- To notify you about changes to your appointments and the services Fiona Dunkley provides.
- To fulfil any administrative, legal, ethical and contractual obligations.#
- On occasion Fiona Dunkley will provide information on training, workshops, blogs, electronic mailings or newsletters specific to Fiona Dunkley services only
What information does Fiona Dunkley share?
We will not share any information about you with other organisations or people, exception the following situations:
- Consent – We may share information with relevant medical professionals or others whom you have requested or agreed we need to contact.
- Serious harm – We may share your information with the relevant authorities if we have reason to believe that this may prevent serious harm being caused to you or another person.
- Compliance with law – We may share information when the law requires us to – i.e. safeguarding, terrorism, drug trafficking and serious crime.
- Clinical Will– We have a clinical will which means in the event of sudden death or a serious accident or illness, a named colleague will be able to access the contact details so we can notify clients.
- Supervision– It is an ethical requirement for any clinician offering psychosocial services to have regular supervision. Any supervisor used is an accredited member of the relevant accrediting body and works within their ethical framework.
How does Fiona Dunkley keep your information safe?
- All information you provide to Fiona Dunkley is stored as securely as possible. We will take all reasonable precautions to prevent the loss, misuse or alteration of information given.
- All paper forms and correspondence are kept in locked filing cabinets. All electronic files are kept on password-protected devices with virus protection software.
- All information is limited to Fiona Dunkley’s administrators, associates and any other personnel needed to maintain Fiona Dunkley’s services. Any personnel that have access to these files abide by this privacy statement and/or hold their own privacy statement that complies with the GDPR terms.
- Formal reports are password protected and/or they are sent through a secure encrypted service such as Protonmail.
- If process notes are made they are kept separate from any identifiable personal information.
- For live chat or audio-webcam appointments, wherever possible, we use Zoom which features end-to-end encryption for added security.
- Whilst we endeavour to keep our systems and communications protected against viruses and other harmful effects, we cannot bear responsibility for all communications being virus free.
- Client notes and other documentation are destroyed seven years after the end of the psychosocial services offered.
- Any known data breaches will be reported to the ICO within 72 hours.
- Any requests for personal data need to be made through a data subject access request and will be supplied within one month.
- Fiona Dunkley’s website, www.fionadunkley.com, is maintained by WordPress. Your details are not stored on their systems for any contact requests made through them.
- If clients choose to contact Fiona Dunkley by text or mobile phone, numbers are stored under a reference system and/or initials only, as opposed to full names.
Under the GDPR, you have the right to:
- Access your personal data – Rectify, erase or restrict your data – Object to the processing of your data – Request transfer of data (data portability).
- You may withdraw your consent for Fiona Dunkley to hold and process your data at any time. However, if you do this while actively receiving psychosocial services, the services would have to end. You can withdraw your consent by stating this on an email to firstname.lastname@example.org.
- If you have any concerns about the way Fiona Dunkley handles your data please contact email@example.com. If you feel this has not been resolved effectively you have the right to contact the Information Commissioners Office (www.ico.org.uk)
Changes to this policy
This document is a work in progress and may be modified from time to time.