The jurisdiction licensing a therapist will probably have requirements for records. The New York therapist must note the client’s name and date of treatment if the massage if given in “a health spa, resort or similar setting.” In the state of New York, therapists are required to keep “a record of client evaluations and treatments for six years or until the client turns 22, whichever is longer,” potentially longer than the Standards of Practice requires. New York has a rule that the client has a right to get a copy of his records. The “Massage Therapy Practice Act Rules” in Utah, on the other hand, requires no records (interestingly, Utah has a “Standards for Animal Massage Training”).

If files are on paper, they should be stored in a locked file cabinet. Fire extinguishers are probably required by local ordinance but a burglar alarm system for the office enhances the security of the files. If files are taken out for review, they should never be left in an area accessible to the public.

If files are kept on computer, they should be backed up regularly onto a media (such as flash drive) that is removable from the computer to avoid loss. The computer should be running an anti-virus program and a firewall program to avoid loss and unauthorized entry. Both these have versions available which can be constantly updated on the web. If the computer is running the Windows operating system, it should have the latest Microsoft updates. These will contain patches for problems. It is possible to sign up for Microsoft to automatically send these updates at no cost (see “Windows Update” on the Start Menu.)

Destruction of client records should be accomplished with a shredder that cross-cuts. This will provide a much smaller end result than a straight-cut shredder, providing better security. A cross-cut shredder can be purchased for approximately $60 though, incredibly, it is possible to spend almost $1,900.00 on one. Although probably more than most practices need, there are firms who will shred material you deliver to them and another that will bring a truck to the therapist and shred on-site. Failure to properly dispose of client records not only violates NCBTMB standard of practice but if a snooper can salvage client information, they may use it in such a way that leads back to the therapist, destroying therapist creditability and creating a nasty hole in the client base. Legal problems could also arise; the therapist may be sued by the client. If the licensing jurisdiction has a destruction of records requirement, violation may weaken the therapist’s hold on licensing.