top of page

Privacy and Policy

Privacy Notice

​

How will my data be stored?

​

In May 2018 the Data Protection Act was replaced by the General Data Protection Regulations (GDPR). NeurologicallyRewritten is GDPR registered. The changes to the Data Protection Act are aimed at ensuring that your personal, confidential and sometimes sensitive data, is held privately and securely. This means that any data you give to NeurologicallyRewritten must be processed in a way that you agree with. GDPR exists to protect your rights as a consumer. It applies to your identifiable data, e.g. name and address & any reason you might have for visiting NeurologicallyRewritten. It also covers any session records, text messages or emails between NeurologicallyRewritten and yourself.

​

How long will you hold my information for?

​

NeurologicallyRewritten is a member of the Oxygen insurance.  As such their are bound by their regulations regarding the length of time they must hold onto your information. The CNCHC insists that NeurologicallyRewritten must hold onto your data for 5 years after your final session. However, the rule for children is different and the Oxygen insurance stipulates that their data must be held until their 25th birthday.  The exception to this rule applies to young adults whose treatment ends when they are 17 years old when NeurologicallyRewritten must keep their records until they reach their 26th birthday. Client records will be destroyed in the January after the dates given above. This is in line with NHS regulations for holding data.

​

What if I would like my data to be destroyed before this date?

​

Under the GDPR rules, you are able to request the deletion of any of your records at any time.  Simply write to NeurologicallyRewritten requesting that your records are destroyed and once she has confirmed your identity, they will do so. There is no charge for this service. NeurologicallyRewritten will then ensure that all your paper records are shredded with a cross shredding machine. Any electronic data held by NeurologicallyRewritten, such as emails or text messages will be permanently deleted from the devices they are stored on. NB. NeurologicallyRewritten will need to save the written deletion request you sent her but would destroy any other data.

​

Am I able to see or get a copy of the information held by you?

In line with GDPR, if you send NeurologicallyRewritten a request in writing, specifying the data you wish to see, they will supply you with a copy of your data within 30 days. NeurologicallyRewritten will need to confirm your identity before sending you the information. There will be no charge for this service. NB. NeurologicallyRewritten’s insurance company’s legal team may wish to verify any information she sends out.

​

What are your Reasons for collecting this information?

 NeurologicallyRewritten is keen to offer the highest quality support to their clients and in order to do so they will collect the following information:

​

  • An idea of what you would like to achieve by coming for hypnotherapy,

  • A small amount of medical information 

  • Some brief session notes

  • Your contact details

  • GP contact details

  • CORP research data

  • Some basic information about your important others

 

This information allows NeurologicallyRewritten to provide continuity within the sessions, in order to help you towards your goal. This information will allow NeurologicallyRewritten to refer to the content of earlier sessions and previous discussions. NeurologicallyRewritten will only use your contact details/address and GP’s details with your explicit consent. See client agreement and initial consultation sheet. The CORP research programme collects unidentifiable information for the purposes of producing scientifically measured outcomes for Solution Focused Hypnotherapy.

​

How do I know that NeurologicallyRewritten will store my information securely?

​

  • Paper session notes – NeurologicallyRewritten stores all paperwork within locked cabinets.

  • Text messages – NeurologicallyRewritten’s work phone is secured with fingerprint recognition or a passcode.

  • Emails – NeurologicallyRewritten’s email account requires a user NeurologicallyRewritten and password.

  • CORP research data - accessed via a password protected programme on password protected tablet.

 

Are our discussions within the hypnotherapy sessions confidential?

​

Everything you discuss with NeurologicallyRewritten during your sessions remains strictly confidential. Occasionally it may be necessary for NeurologicallyRewritten to discuss elements of your sessions with there supervisor to ensure that they can help you in the most effective way. However, no identifying features about you will be disclosed during these discussions. NeurologicallyRewritten’s supervisor is also registered with GDPR.

​

What if I see NeurologicallyRewritten outside of a hypnotherapy session?

 

NeurologicallyRewritten is obligated by GDPR to protect your confidentiality at all times. So, for this reason, although they may acknowledge you, it would be ideal if any further conversation could be avoided.  However, if you wish to discuss your therapy with other people, that is your choice and you are welcome to do so.

​

Will NeurologicallyRewritten discuss information about me with other health and social care professionals?

​

NeurologicallyRewritten is only able to contact other health and social care professionals with your written consent. Should they write to your GP, to notify them that you have entered into a therapeutic relationship with them, or to notify them that your therapy has been satisfactorily concluded, NeurologicallyRewritten would require your signature in line with GDPR requirements. NeurologicallyRewritten does have a “Duty of Care” towards their clients, so the only exceptions to this would be if they believed that you were about to harm yourself or others. Should this occur then NeurologicallyRewritten would be required to inform the relevant authorities”. However, NeurologicallyRewritten would always aim to discuss this with you before taking any action. Legally, NeurologicallyRewritten would also have to provide the police with information as set out in a warrant or court order, should the situation arise.

​

Who is the Data Controller and what is their ICO registration number?

Data Controller is NeurologicallyRewritten .This policy was last updated Date. It may be updated at any time, so please check back regularly to ensure that you're aware of the latest version. Please note that the cookie policy for Domain NeurologicallyRewritten is available to view online.

ICO Registration number: ------------------

 

 

 

Date___________________

Signed:  NeurologicallyRewritten

bottom of page