top of page
Psychologist Session


At Anderson Brown Psychology Services your privacy is taken very seriously. We work in accordance to General Data Protection Regulation (GDPR) and professional guidance from the Health and Care Professions Council (HCPC).  Our privacy policy outlines how we may use and store your information.  Our privacy policy will be given to each client to read before they begin a piece of work with us.

What data I will hold?

Personal Information Collected on Website/email

  • If you complete the website contact form or email us, we will collect the necessary information to allow us to answer your query and discuss making an appointment.  This information will be kept electronically for booking and administrative tasks only.  We will not share you information with third party services.  Once the enquiry has been fully dealt with we will delete the electronic message within seven days.

  • If you have made an appointment, we will keep note of your name, contact details and appointment details in a password protected electronic calendar. 

  • Your contact details will be saved in my ProtonMail contact list.  ProtonMail is a highly encrypted email service which is GDPR compliant.

Client Intake Form

  • Before beginning a piece of work, we ask our new clients to complete an intake form.  This allows us to gather information needed to process your referral and prepare for our appointment.  These forms will be stored electronically, in a password protected file.

  • From your intake form we will have your GP’s contact information.  We will not contact them unless there is a clinical need.  We will not contact them without your permission, except in the case of the exceptions outlined in the “Who might data is shared with and why?” section.

Case notes

  • Your Clinical Psychologist  will keep short notes of your sessions together.  These will be store electronically, and any paper version made in session will be shredded.  All files stored will be password protected.

How data will be stored?

  • All information I hold electronically will be stored as be password protected files.

  • Anderson Brown Psycology Services use a business ProtonMail email address.  ProtonMail is GDPR compliant and is a highly encrypted email service.  ProtonMail servers are encrypted which means that data stored in our ProtonMail account cannot be accessed by others (not even ProtonMail).  However, we cannot be responsible for how you store and protect the emails you send or receive from us.

Anderson Brown Psychology Services are registered with the Information Commissioners Office (ICO) and follow a set of guidelines around the protection of data and privacy from my professional regulator (the Health and Care Professions Council).

How long will I store data for?

  • Data will only be stored for the minimum period that it is required. 

  • Personal contact information, used to allow contact for therapy will be deleted within six months of the last therapeutic contact. 

  • It is advised by both the British Psychological Society (BPS) and the Health and Care Professions Council  (HCPC) that therapeutic notes are stored for a seven year period.   I delete case notes every January for cases which have reached the end of this storage period.

Who might data be shared with and why?

The information and data outlined above is treated as confidential.  This means that, aside from a couple of exceptions outlined below, we will not share your information with anyone without your consent.

There are certain exceptions to client confidentiality where we may have a legal duty to share certain information:

  • When the information concerns risk of harm to you, another adult or a child.  Where possible we would always aim to discuss this disclosure with you first, however if we believed the danger to be imminent or that the disclosure would increase risk to you, another adult or a child then we may not be able to do so.

  • When disclosure is in the public interest to prevent a miscarriage of justice or where there is a legal duty, e.g. a Court Order.

  • When there is need-to-know information for another health provider, such as your GP.

As registered Clinical Psychologists we received regular Clinical Supervision from another therapist.  This is an opportunity for me us discuss our work and ensure we are practicing safely and effectively.  Within Clinical Supervision sessions therapeutic work is discussed, however your identity will not be disclosed.  Clinical Supervision is treated as a confidential space.

Accessing your information

You have the right to access the information I hold about you.  You can make a data request and we will usually share this within a 30 day period.  There may be an admin fee for accessing this information and we may need to request further evidence to verify your identity.

You have the right to get your information corrected if it is inaccurate, however as records are to be retained for seven years, we reserve the right to refuse a request to delete therapy records, where to do so would be in contradiction to professional guidelines.

Privacy Policy: Resources
bottom of page