PRIVACY STATEMENT
CONFIDENTIALITY
Your therapy and personal information are kept securely. Information will be shared within clinical supervision with a consultant clinical psychologist / neuropsychologist who is also HCPC registered. If I am working with you as part of a wider rehabilitation team, relevant information (such as session notes or therapy updates) will be shared with members of the multidisciplinary team to support your care. This may include professionals such as your GP, NHS or private clinicians (e.g. therapists, doctors, nurses, or personal trainers), social services, support workers or carers, your financial deputy, and your solicitor. If there is any information you do not wish for me to share, please inform me. Information may also be accessible by my administrator. Any professionals involved in supervision or administrative support (e.g. my administrator) are also bound by professional confidentiality and data protection agreements.
Confidentiality will be broken if I have concerns that you or anyone else is at risk. If this occurs (if appropriate) attempts will be made to discuss with you prior to disclosure.
As a fully accredited member of the HCPC and BPS, I adhere to their ethical frameworks and guidelines to ensure that you receive a professional and quality service.
INFORMATION WE COLLECT ABOUT YOU
Upon starting therapy, basic personal information will be collected for contact and identification reasons. During our sessions, an assessment of your neuropsychological presentation will be completed, and notes will be taken during sessions. These will include personal and sensitive details about your life. This will be used to support your therapy within sessions and in the context of the wider multidisciplinary team.
YOUR RIGHTS
You have rights relating to the information I hold to verify the accuracy or to ask for them to be supplemented, updated or corrected. You have the right to request a copy of the information that I hold about you. If you would like a copy of some or all of your personal information, please contact Cognisant Neuropsychology Ltd (details in the footer of this document) with a signed letter of authority. Information will be provided to you within 30 days.
We want to make sure that your information is accurate and up to date. You may ask me to correct or remove information you think is inaccurate. You have a right to request the transfer of your data to another individual or company.
DATA RETENTION
Your information is kept for the time necessary to provide the service requested, however outside of this I will hold your details and session notes for a period to comply with legal obligations. Personal data for adults will be stored for 8 years after discharge unless the treatment is for a mental health diagnosis in which it will be retained for 20 years after discharge.
​
For children and young people, records will be kept until their 25th birthday, or until their 26th birthday if they were 17 at the end of their treatment. School records for children or young people with special educational needs will be retained for 35 years from the closure date.
After this period, all records pertaining to the client will be erased / shredded.
The data controller is Dr Jonathan Hinchliffe, Cognisant Neuropsychology Ltd, who can be contacted on jonathan@cognisantneuropsychology.com for any questions related to data protection.
SHARING OF DATA
There may be times where your information needs to be shared with third parties (not listed under ‘Confidentiality’). I will explicitly ask your consent before doing so (unless the third party has provided me with the signed consent from you), and the data will be sent to third parties securely.
SECURITY OF YOUR DATA
All my records are kept electronically and are encrypted. All information will be kept securely and confidentially in line with GDPR legislation.
COMMUNICATIONS
If you want to correspond via email, it is important to note that I cannot guarantee the security of information you share due to the nature of server to server email systems (e.g. hacking, security breaches). If you are concerned about sharing sensitive information via email, please ensure you encrypt it in an email attachment. If you proceed to email me after reading this, I will take this as confirmation that you have considered the risks and consent to share information by email.
LAWFUL BASIS FOR PROCESSING YOUR INFORMATION
The lawful basis for processing your personal data is Article 6(1)(b) of the UK GDPR, which relates to processing necessary for the performance of a contract. As I process special category data (health data), the additional condition under Article 9(2)(h) applies, allowing processing for the provision of health or social care or treatment. As an accredited member of the HCPC I operate under a strict code of confidentiality.
NOTE TAKING
During the consultation notes will be taken. This may be in written format, typed, or using a note taking tool called Heidi (for more information visit heidihealth.com).