Confidentiality

Confidentiality is a central tenet of therapy and coaching, and preserving the confidentiality of clients is paramount. Clients have the right to expect that all personal information will be kept confidential unless permission to disclose is given.

We expect practitioners to adhere to the highest ethical standards to guarantee that all information shared within the therapeutic or coaching relationship remains strictly confidential. This commitment extends to all aspects of the sessions, including any records or notes maintained. Information disclosed during therapy and coaching should only be shared with explicit and written consent from the client, except in cases where there is a legal obligation to disclose, or when there is a potential risk of harm to the client or others.

In the first session with a client, practitioners should explain confidentiality and the limits of this. It should be explained to them whether notes are kept, where and how these are stored, and if you discuss their care with a clinical or coaching supervisor.

It is the practitioner’s responsibility to ensure that all information is kept securely. You must ensure that all computer screens or other displays of confidential information cannot be seen by anyone including family and friends, and that screens are locked and password protected when away from your desk.

Any physical/paper records containing sensitive or identifiable information should be stored in a locked filing cabinet. They should not be left where others can access them (e.g. a desk, a bookshelf, in a car).

Any physical records which contain sensitive and personal information, and which are no longer required, must be destroyed securely (i.e. shredding).

Electronic records should be:

• Kept securely.
• Access to these should be restricted to the practitioner only.
• Protected by a strong password and second-factor authentication where possible. They should only be accessible by authorised users (the practitioner and those named in a professional will).

Practitioners should be mindful of storing identifiable sensitive information on cloud-based storage platforms in case of data breaches.

Practitioners should also periodically review and audit internal practices to identify and address any potential breaches of confidentiality. This proactive approach helps maintain a high standard of data protection. If practitioners discuss a client, either as part of clinical or coaching supervision or a consultation with another healthcare professional, they should use initials or a reference number only. No identifiable information should be shared unless necessary.