top of page

SAFEGUARDING
1. Purpose of the Policy

This safeguarding policy sets out how the therapist, working in private practice in Scotland, is committed to protecting the safety, wellbeing and rights of all clients, particularly children, young people and vulnerable adults. It is written in line with the ethical frameworks and safeguarding requirements of the UK Council for Psychotherapy (UKCP) and the British Association for Counselling and Psychotherapy (BACP), and with reference to relevant UK legislation and statutory guidance.

The therapist works with adult individuals, couples, children and families and recognises a professional, ethical and legal responsibility to safeguard all clients from harm.

2. Scope

This policy applies to:

  • All therapeutic work with adults, couples, children and families

  • In-person, online and hybrid therapeutic work, including video, telephone and other digital platforms

  • Any safeguarding concern arising inside or outside the therapy context that may impact a client’s safety or the safety of others or the safety of others

3. Definitions

Safeguarding refers to protecting a person’s right to live in safety, free from abuse and neglect.

Children and young people: anyone under the age of 18.

Vulnerable adults (adults at risk): adults who may be unable to protect themselves from harm or exploitation due to factors such as disability, mental health difficulties, illness, age, or social circumstances.

Abuse may include (but is not limited to):

  • Physical abuse

  • Emotional or psychological abuse

  • Sexual abuse

  • Neglect

  • Domestic abuse

  • Financial or material abuse

  • Discriminatory abuse

  • Online or digital abuse

4. Legal and Ethical Framework

This policy is informed by:

  • UKCP Ethical Principles and Code of Professional Conduct

  • BACP Ethical Framework for the Counselling Professions

  • Children (Scotland) Act 1995 and 2020

  • Children and Young People (Scotland) Act 2014

  • National Guidance for Child Protection in Scotland (2021)

  • Adult Support and Protection (Scotland) Act 2007

  • Care Inspectorate and Scottish Government safeguarding guidance

  • General Data Protection Regulation (GDPR) and Data Protection Act 2018

5. Principles of Safeguarding Practice

The therapist is guided by the following principles:

  • The welfare of the child or vulnerable adult is paramount

  • Safeguarding is everyone’s responsibility

  • Clients are treated with respect, dignity and compassion

  • Safeguarding responses are proportionate, timely and least intrusive

  • Wherever possible, clients are involved in decisions that affect them

6. Confidentiality and Safeguarding (Including Online Work)

The therapist takes additional care when working online to ensure privacy, confidentiality and safeguarding, including the use of secure platforms, clear agreements about location, and awareness of who else may be present off-camera. Confidentiality is a core part of therapeutic work. However, confidentiality may be broken without consent where:

  • There is a risk of serious harm to the client or another person

  • A child or vulnerable adult is at risk of abuse or neglect

  • Disclosure is required by law or court order

Where possible, the therapist will:

  • Discuss safeguarding concerns with the client

  • Explain what information may be shared, with whom and why

  • Seek the client’s consent before disclosure

In exceptional circumstances, information may be shared without consent if this is necessary to prevent serious harm.

7. Safeguarding Children and Young People

The therapist holds a full and current PVG (Protecting Vulnerable Groups) Scheme membership, appropriate to their work with children and protected adults. The therapist is alert to indicators of abuse, neglect or exploitation and takes all disclosures seriously.

If a safeguarding concern arises, the therapist will:

  1. Listen carefully and respond calmly

  2. Avoid making promises of confidentiality that cannot be kept

  3. Record factual information accurately and promptly

  4. Seek consultation/supervision as soon as possible

  5. Make a referral to the appropriate local authority safeguarding team if required

The therapist may contact:

  • Local Authority Children and Families Social Work Services

  • The Named Person or Lead Professional where appropriate

  • Police Scotland or emergency services (in immediate risk situations)

8. Safeguarding Adults at Risk

Safeguarding adults is carried out in line with the Adult Support and Protection (Scotland) Act 2007. An adult at risk is someone aged 16 or over who is unable to safeguard their own wellbeing, property, rights or other interests, and who is at risk of harm. If concerns arise about an adult at risk, the therapist will:

  • Assess risk and capacity

  • Encourage the client to seek support where appropriate

  • Share information with relevant services if there is serious risk or lack of capacity

  • Make a safeguarding referral under the Care Act 2014 if required

9. Working with Couples and Families

When working with couples and families:

  • Safeguarding concerns relating to any individual member will be prioritised

  • The therapist may need to share information outside the therapeutic system if risk is identified

  • Clear boundaries regarding confidentiality and information‑sharing are discussed at the outset

10. Recording and Information Sharing

For both in-person and online work:

  • Safeguarding concerns are recorded clearly, factually and promptly

  • Records are stored securely using encrypted digital systems or locked physical storage

  • Information is shared on a need-to-know basis only

For online work specifically:

  • The therapist confirms the client’s current physical location at the start of sessions where safeguarding risk may be present

  • Emergency contact details are held and reviewed regularly

  • Clear plans are agreed for managing risk, disconnection or emergencies during online sessions

  • Safeguarding concerns are recorded clearly, factually and securely

  • Records are stored in line with GDPR and data protection requirements

  • Information is shared on a need‑to‑know basis only

11. Supervision and Professional Support

The therapist:

  • Discusses safeguarding concerns arising from both in-person and online work in clinical supervision

  • Seeks additional professional or legal advice when needed

  • Undertakes regular safeguarding and online working training to maintain competence The therapist:

  • Discusses safeguarding concerns in clinical supervision

  • Seeks additional professional or legal advice when needed

  • Undertakes regular safeguarding training to maintain competence

12. Allegations Against the Therapist

Any allegation of abuse or misconduct by the therapist will be:

  • Taken seriously

  • Managed in line with local safeguarding procedures

  • Reported to the appropriate professional body (UKCP/BACP) where required

13. Review of Policy

This safeguarding policy is reviewed regularly and updated in line with changes to legislation, professional guidance or practice.

Date of last review: _____February 2026_______________

Next review due: _____February 2027_______________

SOCIAL MEDIA
 

1. Purpose of the Policy

This social media policy outlines how the therapist uses social media and digital platforms in a way that is ethical, professional and consistent with the UK Council for Psychotherapy (UKCP) and the British Association for Counselling and Psychotherapy (BACP) ethical frameworks. It applies to the therapist’s work in private practice in Scotland.

The policy aims to:

  • Protect clients and the therapeutic relationship

  • Maintain clear professional boundaries

  • Safeguard confidentiality and privacy

  • Support transparency and trust

2. Scope

This policy applies to:

  • All professional social media accounts used by the therapist

  • Personal social media use where this may impact professional identity

  • All online platforms, including (but not limited to): Facebook, Instagram, X/Twitter, LinkedIn, TikTok, blogs, forums and messaging apps

3. Ethical Framework

This policy is informed by:

  • UKCP Ethical Principles and Code of Professional Conduct

  • BACP Ethical Framework for the Counselling Professions

  • Data Protection Act 2018 and UK GDPR

  • Scottish legal and safeguarding frameworks

4. Professional Boundaries

To protect clients and the integrity of the therapeutic relationship:

  • The therapist does not accept friend or follow requests from current clients on personal or professional social media accounts

  • The therapist does not initiate online contact with clients via social media

  • Clients are discouraged from interacting with the therapist’s social media content in ways that may compromise their privacy (e.g. commenting publicly)

  • Boundaries around online contact are discussed as part of informed consent

If a former client makes contact via social media, this will be considered carefully in line with ethical guidance, time elapsed since therapy ended, and potential impact on boundaries and confidentiality.

5. Confidentiality and Privacy

  • The therapist never discloses identifying information about clients on social media

  • Clinical material is not shared online

  • Any educational or reflective content shared is fully anonymised and cannot reasonably be linked to a client

  • Care is taken to ensure that posts cannot indirectly identify individuals or families

Clients are reminded that social media is not a confidential means of communication.

6. Communication with Clients

  • Social media is not used for therapeutic communication

  • Appointment arrangements, cancellations or brief administrative contact may take place via agreed professional channels only (e.g. email or practice management systems)

  • Direct messaging on social media platforms is not used for clinical matters

7. Online Presence and Professional Conduct

The therapist aims to ensure that:

  • Content shared is respectful, accurate and consistent with professional values

  • Personal views expressed online do not undermine public trust in the profession

  • The therapist does not engage in online behaviour that could be perceived as discriminatory, abusive or harmful

The therapist recognises that online activity may be publicly accessible and long-lasting.

8. Use of Social Media for Marketing and Information

Where social media is used for professional purposes:

  • Information shared is factual and not misleading

  • Claims about services, qualifications or outcomes are accurate

  • Social media is not used to provide personalised therapeutic advice

  • Testimonials and reviews are managed ethically and in line with professional guidance, for instance UKCP guidance does not allow the use of testimonials on a therapist’s website

9. Safeguarding Considerations

  • The therapist does not use social media to respond to safeguarding disclosures

  • Any safeguarding concerns arising from online content are managed in line with the therapist’s Safeguarding Policy

  • Emergency or crisis support is not provided via social media

10. Client Searches and Online Information

  • The therapist does not routinely search for information about clients online

  • Any exceptional decision to access publicly available information about a client would be ethically justified, discussed in supervision, and documented

11. Breaches of the Policy

Any concerns about breaches of this policy will be:

  • Reflected upon and discussed in supervision

  • Addressed promptly and ethically

  • Managed in line with UKCP/BACP complaints and fitness to practise procedures if required

12. Review of Policy

This policy is reviewed regularly to ensure continued compliance with ethical guidance and legal requirements.

Date of last review: ___February 2026_________________

Next review due: ___February 2027_________________

PRIVACY
 

. Introduction

This privacy policy explains how I collect, use, store, and protect your personal data as part of the therapy intake process and ongoing therapeutic work.

It is written to support informed consent and transparency, in line with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and UK Council for Psychotherapy (UKCP) ethical requirements.

I am committed to protecting your privacy and handling your personal information with care, clarity, and respect.

2. Data Controller

I am the data controller for the personal data I hold as a sole practitioner.

Name: Fiona Murray
Professional role: Psychotherapist / Counsellor/Coach/ Personal Consultant (Sole Practitioner)
Email: FMAM@aol.com
Practice: Private practice

I am registered with the Information Commissioner’s Office (ICO).

3. What Information I Collect

As part of the intake process and ongoing therapy, I may collect and store the following types of personal data:

  • Your name and contact details (email address, phone number)

  • Emergency contact details

  • GP name and practice details

  • Intake and assessment information

  • Brief clinical notes relating to sessions

  • Correspondence relating to therapy (emails or messages)

  • Payment and invoicing records

  • Information relevant to online sessions (such as session times and platform used)

I only collect information that is necessary to provide psychotherapy safely, ethically, and in line with professional and insurance requirements.

4. Lawful Basis for Processing

Under UK GDPR, the lawful bases I rely on for processing personal data are:

  • Contract: to provide psychotherapy/counselling/coaching/personal consultancy services

  • Legal obligation: to meet professional, ethical, and insurance requirements

  • Legitimate interests: for safe and effective therapeutic practice

  • Vital interests: if there is a serious risk to your life or the life of another

  • Consent: where required (for example, contacting a GP outside of emergency situations)

5. How Your Information Is Used

Your information is used to:

  • Provide psychotherapy/counselling/coaching/personal consultancy sessions

  • Maintain safe and effective practice

  • Manage appointments and communication

  • Meet UKCP, insurance, and legal requirements

  • Respond appropriately to risk or safeguarding concerns

I do not sell, trade, or share your personal data for marketing purposes.

6. Confidentiality and Its Limits

Confidentiality is a fundamental part of therapy. Your information will not be shared without your consent except in the following circumstances:

  • If there is a serious risk of harm to you or another person

  • If there are safeguarding concerns involving children or vulnerable adults

  • If disclosure is required by law (e.g. court order)

  • If required by my professional body or insurer

Where possible, I will aim to discuss any need to share information with you beforehand.

7. Online Therapy and Digital Data

For online work:

  • Sessions are conducted using secure, reputable platforms

  • Sessions are not recorded

  • Emails and messages are used for practical communication only

Please note that while I take steps to ensure digital security, online communication can never be completely risk-free.

8. Data Storage and Security

As a sole practitioner, I am solely responsible for the secure handling of your personal data.

Your data is stored securely:

  • Electronic records are password-protected and encrypted where possible

  • Devices used for work are protected with passwords and security updates

  • Paper records (if any) are kept in a locked cabinet

  • Access to your data is restricted to me only

I take reasonable steps to protect your information from loss, misuse, or unauthorised access.

9. How Long I Keep Your Data

In line with UKCP and insurance guidance:

  • Adult client records are retained for 7 years after the end of therapy

  • Records for children and young people are retained until age 25 (or 26 if therapy ended at 17)

After this period, data is securely deleted or destroyed.

10. Your Rights and Consent

Under UK GDPR, you have the right to:

  • Access the personal data I hold about you

  • Request correction of inaccurate data

  • Request erasure (where applicable)

  • Request restriction of processing

  • Object to processing

  • Request data portability

  • Withdraw consent (where consent is the lawful basis)

To exercise these rights, please contact me using the details above.

11. Complaints

If you have concerns about how your data is handled, please raise them with me in the first instance.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO): www.ico.org.uk

12. Changes to This Policy

This privacy policy may be updated from time to time to reflect changes in legal or professional requirements. The most current version will always be available on request.

Last updated: February 2026

CONFIDENTIALITY

 

Purpose

This Confidentiality Policy sets out how confidentiality is maintained, protected, and ethically managed in accordance with the UK Council for Psychotherapy (UKCP) Ethical Principles and Code of Professional Conduct, the British Association for Counselling and Psychotherapy (BACP) Ethical Framework, and applicable UK law, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

The aim of this policy is to ensure that clients understand how their personal information is handled and the circumstances under which confidentiality may be limited.

2. Scope

This policy applies to all services provided by Fiona Murray Therapy, a private practice offering counselling, psychotherapy, coaching, and personal consultancy, including:

  • Individual psychotherapy and counselling

  • Assessment sessions

  • Online, telephone, and face-to-face work

  • Clinical records, correspondence, and digital data

3. Definition of Confidentiality

Confidentiality refers to the ethical and legal duty to protect information disclosed by clients during the course of therapy. All personal information shared within the therapeutic relationship is treated as confidential and is not disclosed to third parties without the client’s consent, except in specific circumstances outlined in this policy.

4. Commitment to Confidentiality

In line with UKCP and BACP ethical principles of trust, respect, integrity, and professional responsibility, Fiona Murray Therapy is committed to:

  • Respecting client privacy and dignity

  • Safeguarding all personal and sensitive information

  • Being transparent about the limits of confidentiality

  • Handling information lawfully, fairly, and securely

 

 

 

5. Limits to Confidentiality

Confidentiality is not absolute. Disclosure of confidential information may occur without client consent in the following circumstances:

5.1 Risk of Serious Harm

If there is reasonable concern that the client poses a serious risk of harm to themselves or others, confidentiality may be breached in order to safeguard life. Only relevant information will be disclosed, and wherever possible, this will be discussed with the client beforehand.

5.2 Safeguarding Concerns

If there is a safeguarding concern involving a child, young person, or vulnerable adult, information may be shared with appropriate safeguarding authorities in accordance with statutory requirements.

5.3 Legal Requirements

Confidential information may be disclosed if required by law, including:

  • Court orders or subpoenas

  • Serious crime prevention or investigation

5.4 Professional Supervision

Client work is discussed in confidential clinical supervision as required by UKCP training standards and BACP accreditation requirements. Identifying details are anonymised wherever possible, and supervisors are bound by the same standards of confidentiality.

6. Client Consent

  • Confidentiality and its limits are explained at the start of therapy and revisited as needed.

  • Written or verbal consent will be sought before sharing information with third parties (e.g., GPs or other professionals), unless an exception outlined above applies.

7. Record Keeping

  • Accurate and appropriate records are maintained in line with UKCP guidance and BACP accreditation requirements.

  • Records may include session notes, assessments, correspondence, and administrative information.

  • Notes are factual, respectful, and relevant to therapeutic work.

 

8. Data Protection and Storage

All personal data is handled in accordance with UK GDPR and the Data Protection Act 2018.

8.1 Storage

  • Paper records are stored securely in locked storage.

  • Electronic records are stored on password-protected, encrypted devices or secure systems.

8.2 Retention

  • Records are retained only for as long as necessary and in accordance with professional and legal guidelines.

  • Records are securely destroyed once the retention period expires.

8.3 Client Access

Clients have the right to request access to their personal data in line with data protection legislation, subject to limited legal and ethical exemptions.

9. Confidentiality in Online and Remote Work

  • Reasonable steps are taken to ensure privacy and security in online and telephone sessions.

  • Clients are encouraged to ensure they are in a private space during remote sessions.

  • Digital communication is kept to a minimum and used primarily for administrative purposes.

10. Breaches of Confidentiality

Any actual or suspected breach of confidentiality will be taken seriously and addressed promptly, including:

  • Assessing risk and impact

  • Informing affected parties where appropriate

  • Taking steps to prevent recurrence

11. Complaints

Clients who have concerns about confidentiality are encouraged to raise them directly with Fiona Murray Therapy. Clients also have the right to follow the UKCP complaints procedure if concerns cannot be resolved locally.

 

12. Professional Status and Review of Policy

12.1 Professional Status

The practitioner works in private practice as a UKCP trainee psychotherapist and is a BACP-accredited practitioner. All services are delivered in accordance with the scope of training, competence, and ongoing professional development requirements of both organisations.

13. Review of Policy

This policy is reviewed regularly to ensure ongoing compliance with UKCP standards, legal requirements, and best practice.

Last reviewed: February 2026

Next review due: February 2027

bottom of page