We maintain the highest standards of confidentiality, but we have a professional obligation to disclose if a client or others are at risk, if a court order is received and a legal obligation arises. Please be aware though Dr Lenihan’s services are not for emergencies or urgent help. If you are ever in a state of crisis or emergency, please contact a crisis line such as Samaritans (08457 90 90 90), call 999, or go to your local Accident and Emergency Department.
Dr Lenihan has regular supervision and also consults selected colleagues around client care, in accordance with good professional practice. The content of counselling sessions will not be disclosed outside of anonymised discussion in peer consultation without client consent, unless there is a professional requirement to disclose as above. Dr Lenihan’s service manager and administrator has access to client data as required for administration of care and arranging appointments. Assessment and review appointments may require MDT discussion with selected clinical colleagues or second clinical opinions.
We take reasonable steps to ensure personal information is secure, in line with General Data Protection Regulations, British Psychological Society, Health Care Professions Council and CIMSPA guidelines on confidentiality, but email, text, telephone, video, online platform messaging and online systems can never be made 100% proof against professional data theft. Letters or reports are sent via first class post or encrypted via email to clients, and agreed outside agencies. We communicate information with selected colleagues using Protonmail, egress or WriteUpp.Please see https://protonmail.com/privacy-policy and https://www.egress.com/legal/website-privacy and WriteUpp information below for further details on how Protonmail, egress and WriteUpp manage and process user data. We provide relevant information to other health care providers involved in client’s care (such as the NHS or private organisations) and discuss clinical care as agreed with the client. Email communication with other agencies (for example, client’s GP or themselves) cannot be guaranteed the same level of security after the information has left our service. Consenting to continued communication by email and platform messaging, confirms client understanding that this can be an insecure method of communication. Clients are advised to use an encrypted email service provider such as Protonmail for greater security of emails. We use Protonmail and Writeupp (see WriteUpp details below) for email and direct message communication. Email communication of details relating to client care may be required with other agencies, where emails received relate to care with them and need immediate attention and if the client consents for their details to be passed on in this way.
Clinical records are stored electronically on encrypted media and a GDPR compliant practice management system WriteUpp, with a high level of security, for at least the minimum legal period following completion of care. Records on all management systems may be needed to be lawfully retained for a longer period as required by Dr Lenihan’s professional registration bodies or insurers. Clients have the right to ask for a copy of their personal information free of charge and to ask for any incorrect information about them to be amended or erased. They have the right to ask for any information to be erased, which is no longer held for legitimate interests. This includes personal information that is no longer relevant to original purposes. In all cases and when considering such requests, these rights are obligatory unless it’s information that we have a legal obligation to retain, such as above. For the purposes of the General Data Protection Regulations (GDPR) 2018, the data controller is Dr Penny Lenihan. In proceeding with booking an appointment, clinical clients are consenting to the transfer of their data to WriteUpp as a data processor, please see http://www.writeupp.com/privacy for details of how they manage data.
We use client contact details for the legitimate purpose of arrangement and provision of professional services and communication in relation to those services. Clients consent to provide contact details for communication by email and platform messaging, post and mobile phone (for Two-Factor Authentication). Clients can contact us via email@example.com to discuss this further at any time.
We hope that clients are happy with any service provided and are encouraged to contact us in the first instance to resolve any concerns and provide any positive feedback. The professional body for statutory regulation of Practitioner Psychologists is the Health Care Professions Council (HCPC) and for Exercise and Fitness Professionals it is The Chartered Institute for the Management of Sport and Physical Activity (CIMSPA).