In accordance with General Data Protection Regulation, which takes place in the EU for anyone who stores personal data, the following policy has been adopted in our practice.
Data is collected by our office solely for the purpose of providing treatment to you. We never share your data with any other providers as per European and Danish confidentiality laws regarding the provision of psychological therapy.
More specifically, the data we collect is used for
1) Treatment planning and provision
3) Third party billing, for people with insurance
4) Notifying you of upcoming changes to our practice and/or groups that are starting in the future.
You have the following rights with respect to your data
1) You have the right to receive a copy of your data
2) You have right to revoke consent for us to use your data at any time
3) After termination of our work together, you have some rights to ‘be forgotten’. Please discuss this right with your treatment provider.
The data services we use include
1) Siteground Webhosting (encrypted in compliance with GDPR)
2) Acuity Scheduling (encrypted in compliance with GDPR)
3) Apple Cloud (encrypted in compliance with GDPR)
4) Simpelt regnskab for accounting (encrypted in compliance with GDPR)
5) Google for only the storage of contact information in our phones (name, address, phone number and email with your consent)
6) Phone providers for calling/ SMSing to you, if you consent
7) Any paper records are stored in a locked file cabinet behind locked office doors
Though we, at our office, go to a great deal of care to protect your data, there are some things that are your responsibility. We cannot be held accountable for example, for:
1) Emails left open on your personal computer
2) Your personal passwords on your devices
3) Ensuring encryption with your personal email servers
Debbie Quackenbush, Ph.D.