The primary concern in keeping the patients' confidentiality is in protecting their therapy records. The files should be stored in a secure locked cabinet, where nobody except for the therapist would be able to access them. Instead of using the patients' names in the files, the clinician should keep separate coded notes and identifying details, just in case if a burglar, for example, was to break in the office (Feltham, 2002). The keys to the cabinet would be better off on the therapist's keychain, rather than being left in the office overnight.
Keeping computer copies of the files opens up more vulnerability issues. In case the computer has a permanent internet connection, it can be easily hacked. For this reason, a firewall has to be on at all times. A hardware firewall, though initially more expensive, should be preferred to a software one, as it is substantially harder to hack. It would be even better for the files not be saved on the hard disk itself but on separate disks, e.g., floppy, using a coding system and no names. No one except for the clinician should have access to the office computer.