GDPR for Psychotherapists - Overview of blog series


This note started out almost a month ago, in April 2018, when a member of The Relational School ("TRS") asked on their list for some advice about the encryption of electronic messaging and emails, against the background of GDPR (formally the General Data Protection Regulation (2016), Britain and Europes's new Data Protection law). I gave a reply, a discussion ensued. Subsequently I joined the Facebook group "GDPR for therapists" set up by Tania Taylor. After I had commented quite a bit in these groups, and spoken with some other friends and colleagues, I had the idea of gathering my ideas, and the outcome of my research.

I thought in the end that it would be most natural to turn it into a small series of blogs, and post them on my website on the "Psychotherapist blog" page.

The individual blogs are:


Recommended actions

Main ideas about implementation

Legal issues; excerpts from the GDPR text

Technical issues - General and information security

Technical issues - Recommended actions

Technical issues - Mobile phone security

Technical issues - Encrypting the communication of personal data

Technical issues - Protecting hardware and software; backups

Technical issues - Deleting data

I am most grateful for all the interaction and discussion with members of the TRS list, Tania Taylor's Facebook group, Tania Taylor, Dominic Davies, and Niki Reeves, who has provided a set of slides that she uses. I thank them all for their input and discussion.

Next >