The existing data dilemma!Do you have client notes which were made before the GDPR directive?
The guidence on consent is "If existing DPA consents don’t meet the GDPR’s high standards or are poorly documented, you will need to seek fresh GDPR compliant consent, identify a different lawful basis for your processing (and ensure continued processing is fair), or stop the processing." So we are still OK. But that means all the data you have since you started keeping data still comes under the GDPR guidlines, therefore you have a respobsibility to keep your user data safe, and also you will be obliged to purge this data after the nominal retention period of counselling client notes.
So by now I imagine that most counselling practices use some sort of electronic system to store notes and client information. This is not as complient as it seems now. What is required is a fully secure information data store. A simple network drive is not sufficient to keep the client files, not to mention a full audit of the client and their progress through your service.
What you need is a system that is fully GDPR compliant.
This is where Uniti can aid your practice. We keep all user data in a fully secure GDPR complient manner. From terms and conditions on the registration form to client purge after a designated time limit. Safe guard your clients records from falling into the wrong hands by using our database level encryption.
As well as this we use 128bit encryption on the link between your browser and the data store. The database we provide has a unique encryption key unique to your organisation.
We look after and advise on your GDPR requirements so it frees you to get on with the more important rolls in your day to day counselling.
Free yourself and get your GDPR off your list altogether.