This bundle contain client-facing, business and internal policies as follows:
GDPR Privacy Notice for Clients – This document is intended to be given to clients to explain how their data is collected, processed and stored. Guidance notes are provided at the end of the document. We recommend you undertake training on the topic of data privacy on a regular basis. We have provided examples for your convenience; however, you should edit this template to reflect your own practice.
Email Footer – a disclaimer to be added to your email signature in both desktop and mobile versions
GDPR Internal Policies:
- Record of Data Processing Activities including Retention Schedule – This policy explains to staff within the organisation what their data protection responsibilities are.
- Data and Cyber Security Policy – This policy explains to staff within the organisation what their data protection and cyber security responsibilities are.
- Data Protection Policy for Therapy Practices with Multiple Employees – This is an internal policy for practices with more than one individual. This includes other therapists as well as administrative, marketing, legal or accounting or other staff (whether employed or self-employed).