The Child Psychology Service – Data Holding and Use Policy
Effective from 4th October 2025 (last update of this policy)
This policy outlines how The Child Psychology Service (TCPS) collects, stores, uses and protects personal and health information as part of our services.
1. Data We Collect
Personal details (e.g. name, DOB, contact information & location)
Relevant clinical, behavioural, and psychological information
Session notes, reports, assessments, correspondence and administration correspondence
Administrative records (invoices, appointments)
2. How We Store and Protect Your Information
All client records are stored within Cliniko, a secure, health-compliant practice management platform hosted in Australia. Cliniko ensures it complies with both the Australian Privacy Principles and the New Zealand Privacy Act. The company partners with Amazon Web Services (AWS) for its hosting and maintains high-security standards, including data encryption and daily backups, at its ISO 27001-certified data centres
Notes and reports are prepared by clinicians, sometimes with the assistance of confidential, AI-supported tools that do not store personal information and comply with privacy standards
We follow encryption, password protection, and access controls in line with the NZ Privacy Act 2020 and Health Information Privacy Code 2020
3. Use of AI-Assisted Documentation Tools
As part of our commitment to providing timely, accurate and comprehensive therapeutic support The Child Psychology Service may use secure AI-assisted tools to support the creation of clinical notes and session summaries. These tools are strictly used by clinicians and are designed to assist in structuring notes based on the clinician’s own professional input.
All AI tools used by our team:
Are compliant with international health data privacy standards (e.g. HIPAA, NZ Privacy Act, Health Information Privacy Code 2020)
Do not store or retain raw audio or identifiable data as their own entity (data is stored only within our secure practice management platform)
Are only used after the session (not live-recorded) or with full informed consent when needed (your practitioner will ask you in advance for your consent)
Are overseen by the treating clinician, who remains fully responsible for the accuracy and integrity of the final notes
Clinicians always review and approve any documentation generated using these tools.
These technologies assist with reducing administrative load and allow our team to focus more time on client care. If you would prefer that AI-assisted tools are not used in your case, please let us know and we will ensure your preferences are followed.
You can opt out of the use of these tools at any time by informing your clinician or emailing info@thechildpsychologyservice.co.nz
4. Who Can Access Your Data
Only your treating clinician and clinical supervisor
Admin staff (for bookings, billing)
Other professionals (e.g. schools, doctors, psychiatrist or other multi-discipclinirary team members) only with your written consent
We may be legally obligated to disclose information in situations of serious safety risk
5. How Long We Keep Your Data
Client records are kept for a minimum of 7 years after the last appointment, as required by NZ regulations
After that, records may be securely deleted or archived
6. Your Rights
You have the right to:
Access your records
Request corrections
Withdraw consent at any time (noting this may affect ongoing care)
To request access or a correction, email: info@thechildpsychologyservice.co.nz