1. Purpose
This framework supports practitioners in systematically identifying and managing risks associated with delivering services online. It ensures safe, ethical, and effective practice by addressing risks related to privacy, technical reliability, safeguarding, and client vulnerabilities.
2. Scope
Applies to all:
Prior Mindset practitioners, staff, and associates delivering online or telephone-based sessions.
All client groups (adults, children, and young people).
All platforms approved for use (Microsoft Teams, Zoom Healthcare/Enterprise).
3. Policy Statement
Online sessions present unique risks that must be assessed and mitigated before services begin.
Practitioners are responsible for conducting risk assessments and documenting them in WriteUpp.
Risks will be reviewed regularly, especially where client circumstances change.
4. Risk Domains
The framework covers five key domains:
A.
Client Identity & Location
Verify client identity (full name, DOB, consent form in WriteUpp).
Confirm client’s current physical location at each session.
Ensure up-to-date emergency contact details are recorded.
B.
Privacy & Environment
Confirm the client has a safe, private space free from interruptions.
Practitioner must deliver sessions in a secure, confidential environment.
For children/young people: ensure parental consent and safeguarding arrangements are in place.
C.
Technology & Security
Ensure client is using a secure device and connection (preferably password-protected Wi-Fi, not public).
Practitioner devices must be encrypted, updated, and compliant with security standards.
Establish backup communication (e.g. switch to telephone) in case of technical failure.
D.
Safeguarding & Vulnerability
Assess for any safeguarding concerns or vulnerabilities (children, adults at risk, domestic violence, exploitation).
Apply the Child Safeguarding Policy or Adult Safeguarding Policy if concerns are identified.
Consider the client’s ability to access emergency support if in crisis.
E.
Clinical & Emotional Risk
Screen for risk of self-harm, suicidal ideation, or harm to others.
Identify any mental health, cognitive, or communication difficulties that may impact online engagement.
Apply the Crisis & Emergency Management Policy if immediate concerns arise.
5. Risk Assessment Process
Step 1: Initial Assessment
Completed at intake, recorded in WriteUpp.
Covers all five domains listed above.
Step 2: Ongoing Assessment
At the start of every session, reconfirm location, privacy, and emergency contacts.
Monitor for changes in risk factors (mental health, safeguarding, technical access).
Step 3: Response & Mitigation
Apply relevant policies (Safeguarding, Crisis, Remote Session Protocol).
Record mitigation actions (e.g. adjusted scheduling, additional support, referral to external services).
Step 4: Review
Risks reviewed at each supervision session.
Update WriteUpp records if circumstances change.
6. Documentation
All risk assessments and updates must be documented in WriteUpp under the client record.
Significant risks must also be logged in the Safeguarding Log.
7. Responsibilities
Practitioners
Complete initial and ongoing risk assessments.
Take action immediately if risks escalate.
Document clearly and accurately.
Management / DSL
Provide staff training in online risk assessment and safeguarding.
Audit compliance through random record checks.
Support practitioners with high-risk cases through supervision.
8. Monitoring and Review
Compliance with this framework will be reviewed quarterly.
Lessons learned from incidents will be integrated into future training.
Policy reviewed annually or sooner if legislation changes.
9. Policy Ownership
Owned by: Senior Management Team / Designated Safeguarding Lead
Applies across all Prior Mindset services and platforms.