Confidentiality

This page provides information relating to how our team handle any information provided to us when we work with patients and clients (service users). For information relating to how we handle the information provided to us by people visiting our website please see our privacy page.

What is a service user?

When we refer to ‘service users’ we mean patients (children and young people), clients and other people who are directly affected by the care, treatment or other services that our team provide. The key principles set out on this page also apply when our team provide services to organizations rather than individuals.

Key principles

This page cannot cover every situation where problems or challenges about confidentiality might come up. However, we keep the following principles in mind when handling service user information:

  • Take all reasonable steps to keep information about service users safe
  • Make sure we have the service user’s consent if they are passing on their information (unless there are good reasons not to, for example, it is necessary to protect public safety or prevent harm to other people)
  • Get express consent, in writing, if we are using identifiable information for reasons which are not related to providing care, treatment or other services for service users
  • Only disclose identifiable information if it is necessary, and, when it is, only disclose the minimum amount necessary
  • Tell service users when we have disclosed their information (if this is practical and possible)
  • Keep appropriate records of disclosure
  • Keep up to date with relevant law and good practice
  • If appropriate, we will ask for advice from colleagues, professional bodies, or legal professionals
  • Make our own informed decisions about disclosure and be able to justify them.

Our psychologists are all registrants of the Malaysian Society of Clinical Psychologist (MSCP) and our hypnotherapists are registrants of British Society of Clinical Hypnosis (BSCH) or General Hypnotherapy Standards Council (GHSC). These bodies are a regulator whose main aim is to protect the public. To do this, they keep a register of psychologists and hypnotherapists that meet their standards for training, professional skills, behavior and health.

What is confidentiality?

Confidentiality to us means protecting the personal information relating to our service users. This information might include details of a service user’s lifestyle, family, health or care needs which they want to be kept private.

Service users should expect any contact with the MindCheck Psychology team to be treated as confidentially. Any of the team involved in the care or treatment of service users will protect their confidentiality at all times.

Our standards of conduct, performance and ethics

As a service we work inline with the MSCP, BSCH and GHSC Standards of conduct, performance and ethics. You can expect us to:

  • Promote and protect the interests of service users, parents and guardians
  • Communicate appropriately and effectively
  • Work within the limits of our knowledge and skills
  • Delegate appropriately
  • Respect confidentiality
  • Manage risk
  • Report concerns about safety
  • Be open when things go wrong
  • Be honest and trustworthy
  • Keep records of our work

Confidentiality and the law

We have a professional and legal responsibility to respect and protect the confidentiality of service users at all times.

It is our professional responsibility to protect the confidentiality of service users at all times.

It is also our legal responsibility to protect the confidentiality of service users at all times. The law says that as psychologists and hypnotherapists we have a duty to protect the confidentiality of the people we have a professional relationship with.

Our standards of conduct, performance and ethics say that:

  • We must treat information about service users as confidential
  • We must keep records secure by protecting them from loss, damage or inappropriate access

This means that we take all reasonable steps to protect information about our service users.

Consent and confidentiality

Identifiable information is disclosed for a number of reasons. It can happen when we refer a service user to another health and care professional or when a service user asks for information to be given to a third party.

It is important that we get the service user’s permission, or ‘consent’, before we share or disclose their information or use it for reasons which are not related to the care or services we are providing for them.

What is consent?

Consent, for the purposes of confidentiality, means that the service user understands and does not object to:

  • The information being disclosed or shared
  • The reason for the disclosure
  • The people or organisations the information will be shared with
  • How the information will be used

For consent to be valid, it must be voluntary and informed, and the person giving consent must have the capacity to make the decision.

By ‘voluntary’, we mean that the person makes the decision freely and without being persuaded or pressurised by professionals, family, friends or others.

By ‘informed’, we mean that the service user has enough information to make a decision about whether they give their permission for their information to be shared with other people. (This is sometimes called ‘informed consent’.) Service users should be fully aware of why we need to share any information about them, how we will do so, who we will be sharing the information with and how that information will be used. We should also tell them how not giving their permission is likely to affect the care, treatment or services they receive.

By ‘capacity’ we mean a service user’s ability to use and understand information to make a decision and to communicate their decision to us.

Types of consent

There are two types of consent for the purposes of confidentiality:

  • Express consent
  • Implied consent

Express consent

This is where we are given specific permission to do something. We need to get express consent if we are using identifiable information for reasons which are not related to the care, treatment or other services we provide for the service user, or in a way which service users would not reasonably expect. It is also important for us to get express consent if a service user has previously objected to us sharing their information with other people. Express consent can be spoken or written.

Implied consent

This is where consent from the service user is not expressly spoken or written but can be taken as understood, for example because service users have agreed to receive treatment, care or other services. If we are using identifiable information to care for a service user or provide services to them, in most circumstances we will have their implied consent. Most service users will understand the importance of sharing information within our team.

Consent and capacity

For consent to be valid we must have we must ensure the child or young person, or their legal guardian, has the capacity to consent to our involvement.

For us capacity refers to a service user’s ability to use and understand information to make a decision, and to communicate their decision to us.

Capacity for adults (18+)

We assume that adult service users have sufficient capacity unless there is significant evidence to suggest otherwise. Examples of reasons an adult user might lack capacity include:

  • A mental-health condition
  • Severe learning disabilities
  • Brain damage, for example from a stroke
  • A physical or mental condition that causes confusion, drowsiness or loss of consciousness
  • The effects of alcohol or drugs

Capacity for teenagers aged 16-17

We treat young people (aged 16 and 17) in the same way as adults and presume they have capacity unless there is significant evidence to suggest otherwise.

Capacity for children under the age of 16

For children under 16, we will nearly always need to get consent from someone with parental responsibility. This could be:

  • The child’s mother or father
  • The child’s legally appointed guardian
  • A person with a residence order for the child
  • A local authority designated to care for the child
  • A local authority or person with an emergency protection order for the child.

Some children under 16 can give consent if they can fully understand the information given to them. This is known as ‘Gillick competence’.

Making decisions for people who lack capacity

As an outpatient service we do not make decisions for children or young people that lack capacity. We would instead offer our professional opinion to the child or young person’s legal guardians as to what we considered to be in their ‘best interests’. This would involve:

  • Considering all the circumstances relevant to the child or young person, for example the type of mental- health condition or physical illness they have
  • Considering whether the child or young person is likely to have capacity in the near future and if the decision can be postponed until then
  • Involving the child or young person as far as possible
  • Taking account any previous beliefs, values, wishes and instructions the child or young person expressed when they had capacity
  • Being aware of the views of, for example of close relatives, carers and guardians

We need to balance the best interests of the child or young person against other duties. If we have a legal duty to share the information, or need to share it to protect the public interest, we can share it without the consent of the child or young person or their legal guardian. The reasons for this are covered below in the sections public interest and safeguarding.

Disclosing information with consent

In most cases, we will need to make sure that we have consent from the service user before we disclose or share any identifiable information.

One of the most common reasons for disclosing confidential information will be when we contact other health and care practitioners. This might include discussing a case with a colleague or referring a service user to another health and care professional.

Sharing information is part of good practice. Care is rarely provided by just one health and care professional, and sharing information within our team, the wider multidisciplinary team, or with other organisations or agencies is often an important way of making sure care can be provided effectively.

Most service users will understand the importance of sharing information with others who are involved in their care or treatment and will expect us to do so, so we will normally have implied consent to do this.

However, when we share information with other colleagues, we should make sure that:

  • It is necessary to provide the information
  • We only disclose the information that is relevant
  • The professional receiving the information understands why we are sharing it and that they have a duty to keep it confidential

If we decide not to contact other practitioners when we might reasonably be expected to, or if a service user asks us not to, it is important that we keep clear records of this and are able to justify our decision.

If we are concerned about a request someone makes for information – for example, we think the information they have asked for is not relevant – we may contact the person who has asked for the information so they can explain their request. We may also want to get legal advice, or advice from our professional body.

Sharing information with third parties

It is important that we get express consent, in writing where possible, if we plan to use identifiable information for reasons which are not directly related to the service user’s care or if they would not reasonably expect their information to be used or shared in that way.

Sometimes, a third party who is not a health and care professional may ask us for information. This might be a request to send information to an insurance company, education setting, local authority, or a solicitor. We would always make sure that we have express consent of the service user prior to providing any confidential information.

There are a small number of circumstances where we might need to pass on information without consent, or when we have asked for consent but the service user has refused it. The reasons for this are covered below in the sections public interest and safeguarding.

Disclosing information without consent

Public interest

We can disclose confidential information without consent from the service user if it is in the ‘public interest’ to do so.

This might be in circumstances where disclosing the information is necessary to prevent a serious crime or serious harm to other people. We find out whether it is in the public interest to disclose information by considering the possible risk of harm to other people if we do not pass it on, compared with the possible consequences if we do. This includes taking account of how disclosing the information could affect the care, treatment or other services we provide to the service user.

We should carefully consider whether it is in the public interest to disclose the information. If we are unsure we may want to get legal advice.

We need to be able to justify a decision to disclose information in the public interest (or a decision not to disclose information) so it is important that we keep clear records.

Even where it is considered to be in the public interest to disclose confidential information, we should still take appropriate steps to get the service user’s consent (if possible) before we do so. We should keep them informed about the situation as much as we can. However, this might not be possible or appropriate in some circumstances, such as when we disclose information to prevent or report a serious crime.

Sometimes, we may be asked for information directly under the law – for example, if a court has ordered us to disclose the information. We have a legal duty to keep to orders made by the court.

We should tell the service user if we have had to disclose information about them by law, unless there are good reasons not to – for example, if telling them would affect how serious crime is prevented or detected. We should also only provide the information we have been asked for and keep a record of this

Keep in mind that not all requests from solicitors, the police or a court are made under a legal power that means we must disclose information. If disclosure is not required by law, and cannot be justified in the public interest, we must get express consent from the service user.

Safeguarding

Our standards of conduct, performance and ethics say that:

We must take appropriate action if we have concerns about the safety or well-being of children or vulnerable adults.

In these situations, the following apply.

  • We follow local policies and processes for raising a safeguarding concern. This might include informing the local council or the police.
  • If we are concerned that someone has caused harm, or could pose a risk to vulnerable groups, we should refer the matter to the Disclosure and Barring Service, or in Scotland, Disclosure Scotland. We may also want to inform the local council or the police.

Requests from service users for access to the information we have about them

Service users have the right to see information we hold about them and it is important that we respect this. We charge a flat admin fee of £50 for any data requests. Any such requests should be made to this email address therapy@mindcheckmy.com

Questions about confidentiality

This page does not cover every situation about confidentiality. If you have a question about confidentiality please contact us.

Open chat
Hi, How can we help you?