our logo

GDPR for Therapists

In the Autumn 2018 issue of Reflexions, our quarterly WebHealer article was titled "GDPR for Therapists" and traced the history of internet adoption in the therapy sector and looks ahead to where we are likely to be in 4 or 5 years.

GDPR for Therapists

Now the dust has settled after the launch of GDPR it is timely to consider what it means in practice.

An important confusion to clear up first is that the EU General Data Protection Regulation (GDPR) is not a website problem as such. Your website may be the place where you publicy display your Privacy Policy just as you display your contact details and qualifications, but GDPR is all about how you process Personal Information and that happens in many situations. For example when someone

1. Emails you with an enquiry
2. Calls you and gives you their phone number
3. Writes you a letter
4. Sends an enquiry through your website
5. Comes for an appointment during which you record case notes

GDPR wants you to give considered thought as to how you handle that personal information, how you store it and how long you retain it. The people who's information you process should also know what their rights are and you should have mechanisms to correct or erase any information you hold.

There is limited space in this article so we can only touch on one or two aspects in more detail. For a fuller explanation please download our free eBook “Using the Web to Attract More Clients” from www.webhealer.net. Here’s a summary of the themes covered.

Contract v Consent
These are technical terms with specific meaning. They refer to whether you use information in order to communicate and work with a client or to market to them. You need to understand the difference as processing on the basis of “Consent” (i.e. marketing) can easily, even accidentally, be abused. It therefore comes with greater responsibilities.

Fear and The Kitchen Sink Approach
Alarmist stories in the press have led many to "throw the whole kitchen sink in" to their Privacy Policy for fear of missing something and still be anxious that they have overlooked an important area. Take comfort however that a therapist who doesn’t use sophisticated “big data” will come under much less scrutiny than an Amazon or Facebook. Elizabeth Denham the UK Information Commissioner even stated “We are not looking for perfection. It’s nonsense to think the regulator is going to be making early examples of small businesses by levying large fines"

Website Specific Issues
See our eBook for more details on the placement of Privacy Notices on your website. We also explain the relationship between a Privacy Policy and a Cookie Policy. If you are a WebHealer customer are you aware that we have created additional dedicated space for your Privacy Policy and automatically add links to it from Contact Forms?

©2020 PHD Interactive
Privacy   Cookies