Raluca Ursica is committed to protecting and respecting your privacy.
We will only use information provided to us for specified and lawful purposes as provided under the General Data Protection Regulation and will handle this information both respectfully and responsibly. Raluca Ursica provides counselling, psychotherapy, training, clinical supervision and consultancy services directly to individuals and businesses.
This is provided by Raluca Ursica, Counselling Psychologist, Positive Psychotherapist and Clinical Supervisor.
This statement tells you what to expect when we collect personal information from you. For the Data Protection Act 1998 (the Act), the data controller is Raluca Ursica, Longcroft House, 2 – 8 Victoria Avenue, London, EC2M 4NS.
Raluca Ursica fully complies with the Data Protection Act 1998. The information you provide will be managed as required by the GDPR.
If you have any queries or want to request that your information held is changed or deleted, please contact me in the first instance by either post (see above) or email: email@example.com
STORAGE OF PERSONAL DATA
With your explicit consent, I may hold information about you to fulfil the responsibilities of my role as Counselling Psychologist/ Positive Psychotherapist/ Clinical Supervisor that has been obtained in the following ways:
• by requesting information from you in person
• via my website hosted by ‘GoDaddy.com’ if you complete a contact form
• via online directories where I am listed if you complete a contact form
• by receipt of an email you send (I will use the password / encrypted email system provided by ‘GoDaddy.com’ to communicate with you)
• via my smartphone if we text, phone or email
• via the secure video conferencing platform ‘Zoom’
• a record of the personal information you provide, which can include brief factual notes as a record of sessions will be held using an online encrypted recording system.
Paper records are held, these will be transported and stored in a locked document folder and/or held in a locked cabinet before being transferred to the online system. I will also hold some brief, factual notes as a record of sessions held.
The Data Processors that I use to help me obtain and hold your information, including GoDaddy.com, my website host. We may collect and process the following data about you: full name including title, date of birth, email address, mobile/telephone number/s, full address, name of the GP practice you are registered with, next of kin/emergency contact: name, type of relationship and telephone number, medication past & current (only if relevant to your reason/s for attending counselling), insurance details if referring for services via Vitality, for example. This information may be used to communicate with you directly and/or your insurer about things like appointments and payment. It may be used to identify you with your GP or the emergency services where there is a concern about your safety/well-being. Your medication history is also requested to better understand the extent of your physical and/or mental health problems and how these may relate to the reason/s you are attending psychotherapy or psychological assessment.
To meet the requirements of The British Association for Counselling and Psychotherapy’s (BACP), The United Kingdom Council for Psychotherapy (UKCP) and The Health and Care Professions Council (HCPC) to undertake supervision for clinical work, I will share non-identifying information with my supervisor/s. Ethically I am committed to sharing information if I am concerned about your own or another’s safety (with particular concern for you, children and vulnerable adults).
Legally I am obliged to share information relating to certain crimes including terrorism, and in the event of a court order, I may be required to disclose records held. In the event of my incapacitation or death, an appointed colleague or colleagues will be able to access the information held to inform you of such an event and as appropriate offer further sessions to you or refer you to see another mental health professional.
Raluca Ursica has used all reasonable care in compiling the content of www.positum.co.uk website but cannot accept liability for any errors or omissions. We will update material errors in the information if we are made aware of such errors, promptly.
Please note that the links to other websites on our site will have their privacy policies and that we do not accept any responsibility or liability for these policies. As part of service provision, Raluca Ursica may then collect data from additional sources including, but not limited to, professional practitioners providing the service, an employer, and treating practitioners.
Data created by Raluca Ursica may include, but not be limited to, assessment findings, communication and observation notes, written reports and electronic communications.
Data will only be held and processed where it is necessary to support the legitimate interest and vital interest of our business, except where such action will be overridden by your interests or fundamental rights and freedoms which require protection of personal data.
The referring company may be the data controller and hence may gain their appropriate consent for services to be provided directly by Raluca Ursica. Written referral information we receive typically includes, but is not limited to, name, address, phone number, date of birth, occupational/employment and medical information. This information enables Raluca Ursica to ensure that the service provided is both safe and appropriate for the situation and enable the delivery of the service. Where instruction from a referring party has been received by Raluca Ursica to provide services, we will seek your explicit consent to share your information at the start of treatment. If we are asked to provide written assessment, update and discharge reports to the referring party, then explicit consent will be sought from you.
DATA SECURITY BREACHES
Raluca Ursica takes management of your data extremely seriously and takes all reasonable steps to appropriately secure your data. If a data security breach occurs, you will be notified at the earliest opportunity (either directly or via a referring party where applicable) and information will be provided regarding the nature of the breach and action being taken.
Notification to parties such as the ICO and/or law enforcement agencies will be given as appropriate.
RETENTION AND DISPOSAL
Clinical information will be retained for a minimum period of eight years as a regulatory requirement. In the case of a child record, the records will be retained until the 25th birthday (or 26th birthday if the patient was 17 after the treatment).
This policy may be updated as required to ensure its compliance with data protection legislation and to exercise best practice.
You have the right to:
• receive a copy of the information held about you
• request your information be changed or updated so that it is accurate
• request that your information be deleted if you believe it is being kept for longer than necessary
If you have any concerns about the processing of your information, contact the Data Protection Regulator:
Information Commissioner's Office, Wycliffe House, Wilmslow, SK9 5AF, Email: www.ico.org.uk/global/contact-us/email,