top of page

PRIVACY NOTICE

PRIVACY POLICY

I, Dr Jem Bhatt take the collecting, storing and security of your data seriously. The way I protect your data complies with the European Union’s General Data Protection Regulation (2018) which replaced the Data Protection Act 1998. I am registered with the Information Commissioner’s Office. For more information about data handling and privacy please email: DrJemBhatt@proton.me and see the information below.

​

WHAT ARE YOUR RIGHTS?

  • Right to be informed about what I do with your personal data

  • Right to have a copy of all the personal information I process about you

  • Right to rectification of any inaccurate data I process, and to add to the information I hold about you if it is incomplete

  • Right to be forgotten and your personal data destroyed

  • Right to restrict the processing of your personal data

  • Right to object to the processing I carry out based on my legitimate interest

​

WHAT INFORMATION I COLLECT, USE AND WHY?

As part of the assessment and therapy process I collect the following information: Full name, address and contact details (telephone number and email); Date of birth; Details of your GP; Occupation; Medication & Health information (e.g. whether or not you have a long term health condition). I use this information for the purposes of identifying you, reviewing psychological therapy, and contact you in the event changes need to be made (e.g. change in appointment time). I will take non-identifiable notes during sessions which I will keep confidentially and securely.

​

Some of the information I may collect is classified as sensitive and personal data (e.g. data related to your racial or ethnic origin, political opinions, religious or philosophical beliefs, data concerning health or data concerning your sex life, private opinions).  The reasons for collecting this information are ‘legitimate interest’ and ‘provision of health treatment’.  Please see the ICO website for further explanation of these.  The provision of this information forms part of your contract with me and will allow me to provide an assessment/therapy service to you, and to help me ensure the quality of my service.  

 

WHERE I GET PERSONAL INFORMATION FROM

Personal information I hold for you comes directly from you.

​

WHAT INFORMATION WILL I SHARE AND WHY?  

The data you provide me may be shared with a third party who you have informed me is already involved, where applicable (solicitor, insurance company, rehabilitation broker) to carry out the service which you or they have contracted with me.  I may share information with your GP via a copy of reports that I write to you with your consent.  I may also discuss with you sharing information with other bodies or other professionals if this feels appropriate.  This is to ensure you receive the best possible care. I will not use your information for marketing purposes and will not sell it to any third party. A summary of circumstances where I may share relevant health and care information are as follows:

  • you’ve provided me with your consent (we have taken it as implied to provide you with care, or you have given it explicitly for other uses);

  • we have a legal requirement (including court orders) to collect, share or use the data;

  • on a case-by-case basis, the public interest to collect, share and use the data overrides the public interest served by protecting the duty of confidentiality (for example sharing information with the police to support the detection or prevention of serious crime);

  • In England– the requirements of The Health Service (Control of Patient Information) Regulations 2002 are satisfied

 

For more information please visit: https://ico.org.uk/

 

As per the British Psychological Society guidelines for clinical I use a supervisor to ensure the quality and standards of their work. I use supervision for this purpose with a HCPC registered practitioner who is bound by the same rules of confidentiality and who is compliant with the GDPR. No identifiable information about you will be shared with a supervisor.

 

Additionally, the Health Care Professions Council (HCPC) standards of ethics and the General Data Protection Regulations state that data processing may be vital in the legitimate interests of the data subject and in order for the service provider to complete their business.  Therefore, if I feel that you or someone you have informed me about is at risk then I may need to contact your GP, another healthcare provider or a statutory body, eg. Social Services or parents if the child is under 18 of age.  If this is necessary, as far as possible I will discuss this with you first and I will act in accordance with HCPC and British Psychological Society standards of ethics to ensure your welfare, or that of someone else.

 

HOW IS INFORMATION STORED?

I will keep information securely in accordance with ICO guidelines.  Storage may be electronically or hard copy.  Hard copies will be stored in a locked filing cabinet. Electronic information will be stored on a password protected computer.  Emails will be stored in a password protected account in a GDPR compliant email account.  I will not store your identifiable name on my mobile phone although I will keep text messages whilst you are receiving a service. Text messages will be used primarily to confirm appointments. Please do not send any sensitive information via text message. I may communicate with you by post, mobile phone or email.  If I send reports electronically they will be password protected.

​

HOW LONG I KEEPT INFORMATION

A basic health record will be stored in a secure location for 7 years (or 7 years after your 18th birthday if you are under 18 years currently). Sensitive information relating to the work completed will be destroyed 7 years after the end of our work together. By law, this is the length of time we are required to store this information. You have the right to request access to information we hold about you. You will receive scanned or electronic information in a portable format. You have the right to request changes to factually inaccurate information we hold about you and the right to request the deletion information. If it is no longer necessary for me to hold this data, in order to protect your or our current or future legitimate interests, and if I have no legal obligation to hold the data then I will comply with your request. I will discuss this with you at the time and explain if it is not possible to delete the data.

 

 

GETTING IN TOUCH WITH THE ICO

The ICO’s address:           

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Helpline number: 0303 123 1113

 

 

 

If you have any questions regarding the use of your date or this privacy notice please email: DrJemBhatt@proton.me

bottom of page