On 25 May 2018, the law changed with regard to how organisations have to protect your ‘data’ (personal details and records) and this is called the General Data Protection Regulation or GDPR.
The following summary highlights what to expect when Behavioural Resilience collects personal information.
N.B. It is assumed that by engaging with this service you are consenting to records being kept.
If you have any questions about this statement, please contact:
Data Protection Officer
info@behaviouralresilience.com
How do we collect information?
We will obtain personal information from you when you make contact with us for our services, or when you are referred to us by a third party.
What information do we collect?
The type of information we collect might include basic contact information such as name, address, email, contact number, online ID, employer name, and GP contact details if needed. Photo ID may be requested. We might collect sensitive personal data such as Health & Social Care records, clinical notes, letters, reports, psychometrics and employment records.
How do we use this information?
We will use your personal information to provide you with the services, products or information you have requested, or which has been requested via a third party. Examples of third parties include your organisation or a regulator.
How do we protect personal information?
We take appropriate measures to ensure the information disclosed to us is kept secure, accurate and up to date and kept only for so long as is necessary for the purposes for which it is used. Any sensitive data attached in an email attachment will be password protected unless otherwise requested by yourself
How long do we store information?
We will store your information for only as long as is necessary for the purpose it has been provided. We do not routinely hold data where there is no valid purpose. Clinical data may be held indefinitely in line with standard clinical practice.
Will we disclose the information we collect to outside parties?
We do not routinely share your information. If there is a need to disclose your information we will always seek your permission unless mandated to do so by law. We treat all health information as medical in confidence and will not break confidentiality unless there is a significant reason e.g. serious risk to self or others. Where we do break confidentiality in relation to risk, we will always aim to let you know first unless doing so would increase the risk.
Right of access
You have the right to ask for a copy of the information we hold about you (for which we may charge a small fee) and to have any inaccuracies in your information corrected. Please email info@behaviouralresilience.com to ask for a copy of the information we hold about you if you wish to have a copy.
If you think that Behavioural Resilience has not complied with data protection laws, you have a right to lodge a complaint with the Information Commissioners Office (ICO) https://ico.org.uk.