Privacy Policy

This document describes the privacy policy of Timothy Pilkington Psychology (“TPP”) for the management of clients’ personal information.

Client information

Client files are stored on PowerDiary, a secure Australian cloud-based practice management software. Your clinical notes are only accessible by your psychologist. The type of information on each file includes your contact details, referral letters, medical history, clinical notes, credit/debit bank card and other personal information collected as part of providing the psychological service.

PowerDiary is compliant with legislative and regulatory requirements in Australia and Europe, which includes the Australian Privacy Principles set out in the Privacy Act 1988 (Cth), the Health Insurance Portability and Accountability Act (HIPAA) and the General Data Protection Regulation (GDPR).

Payments

PowerDiary processes credit/debit card payments via a secure and validated integration with Stripe Inc. If the client gives consent, PowerDiary is able to record a client’s credit/debit card for future payments. Stripe Inc. complies with the Payment Card Industry Data Security Standards (PCI DSS) and is certified as a PCI Service Provider – Level 1. For more information regarding Stripe Inc. please see their Privacy Policy: https://stripe.com/en-fr/privacy.

How clients' personal information is collected

A client's personal information is collected in a number of ways during psychological consultation, including when the client provides information directly to TPP using online forms, correspondence via email and the TPP website, and when other health practitioners provide personal information to TPP, via referrals, correspondence and medical reports.

Disclosure of personal information

All personal information gathered by the psychologist during the provision of the psychological service will remain confidential except when:

1. it is subpoenaed by a court, or disclosure is otherwise required or authorised by law;

2. failure to disclose the information would in the reasonable belief of the TPP place you or another person at serious risk to life, health or safety;

3. your prior approval has been obtained to

a) provide a written report to another professional or agency. e.g., general practitioner or a lawyer;

b) discuss the material with another person, eg. a parent, employer, health provider or third party funder;

c) disclose the information in another way;

d) disclose to another professional or agency (e.g. your general practitioner) and disclosure of your personal information to that third party is for a purpose which is directly related to the primary purpose for which your personal information was collected.

Your personal information is not disclosed to overseas recipients, unless you consent or such disclosure is otherwise required by law. Your personal information will not be used, sold, rented or disclosed for any other purpose.

Professional Supervision

Your psychologist may consult with a professional supervisor about your case for the purpose of supervision and guidance to enhance their service to you. In such instances, your information will be de-identified (i.e. using a pseudonym).

Consequence of not providing personal information

If the client does not wish for their personal information to be collected in a way anticipated by this Privacy Policy, TPP may not be in a position to provide the psychological service to the client. In some circumstances, clients may request to be anonymous or to use a pseudonym, unless it is impracticable for TPP to deal with the client or if TPP is required or authorised by law to deal with identified individuals.

Purpose of holding personal information

A client’s personal information is gathered and used for the purpose of providing psychological services, which includes assessing and treating a client’s presenting issue. The personal information is retained to document what happens during sessions and enables the psychologist to provide a relevant and informed psychological service. If the client gives consent, PowerDiary is able to record a client’s credit/debit card for future payments.

Requests for access and correction to client information

Clients may request to correct personal information on their client record that is agreed to be inaccurate, out-of-date or incomplete. All requests by clients for the correction of personal information held about them should be lodged to TPP at the website www.timpilkington.com. These requests will be responded to via email within 30 days, and an appointment will be made if necessary for clarification purposes.

Clients may also request to see the personal information about them kept on electronic record by writing directing to TPP. Your psychologist will respond to your request via email in 30 days, and may or may not provide you access to this information, subject to the exceptions in the Privacy Act 1988 (Cth). Where access is granted, your psychologist will require you to attend an appointment to view your personal information.

Disposal of client records

Psychologists are required to hold adult clients’ files for 7 years and to hold child clients’ files until the child has turned 25 years old. TPP stores client records on PowerDiary, a secure electronic practice management system and once the record is due to be disposed of, the electronic file will be permanently deleted.