GDPR Data Protection training for psychologists in private practice.
This course is approved by the BPS CPD Quality Mark Scheme.
Dr Robert Watson from Become Psychology and Mark Burnett from Hope & May Global Data Protection Professionals present:
“GDPR Advanced Module for Psychologists, Psychotherapists and Counsellors in private practice”.
Friday 12th June, 2026: 10am-3pm. Online Workshop, cost £100.
_______________________________________________________________________
Like many others, you may think that a therapist in private practice has met their GDPR obligations by sharing their privacy policy with new clients, being registered with the ICO, and keeping client information safe. Unfortunately, your obligations are far greater than this, a good example is the legal requirement to have an Appropriate Policy Document which is your legal protection when you have to share information for safeguarding your clients or third parties.
Join us to fully understand your obligations and deeper your knowledge and skills for applying data protection law, including the UK GDPR, to your private practice. Following attendance, participants will be entitled to join our free quarterly GDPR Update and Advice Forum organised on Zoom.
_______________________________________________________________________
Previous participants have said:
“Thank you so much! I don’t know how you and Mark did it but you actually made GDPR interesting and dare I say it, sort of fun!”
” Both Robert and Mark were also really down to earth and approachable and made me feel like no question was too silly to ask. It felt like a safe space to share dilemmas relevant to gdpr.”
“Really appreciated the applicability of information shared , rather than just cite legislation, the information was relevant and real life examples were offered, welcome d and thought through together”.
“Mark and Robert made a very difficult topic interesting and accessible. Delivery was really good. Examples of enforcement action illustrated points well. Opportunity for questions really good.”
_______________________________________________________________________
This course will cover the following:
Part 1:
1. How to make data protection integral to your practice. This will include what documents you need in place and how to ensure clients are properly informed about your intended processing activities.
2. How to demonstrate adherence to the principles of transparency, accountability.
3. Practical considerations around the nuts and bolts: how long do I need to keep records for, where and how do I keep them, what audit trails are needed, and what documentation must I keep.
4. Choosing the appropriate lawful basis. Where you are not using consent, you will need an alternative. This section will include information about safeguarding and appropriate documentation to support you where individuals may be at risk.
Part 2:
1. What rights do my clients have.
2. What if my client:
a) Makes a subject access request. How do I comply, and can I refuse?
b) Makes a subject deletion request. How do I comply, and can I refuse?
c) Makes a data accuracy request. How do I comply, and can I refuse?
d) Makes a request to stop or limit the use of their data. How do I comply, and can I refuse?
The course includes helpful guidance notes and document templates, and there will plenty of opportunity for questions and discussion throughout the day.