Privacy Notice for Young People and Clients
Privacy Notice for Young People and Clients
You may be aware of the laws relating to General Data Protection Regulation (GDPR) that came into effect on 25th May 2018. As technology develops and as our private information could be used and shared, people were becoming increasingly worried about security-this was why GDPR was brought in. The purpose of GDPR is to provide a set of standardised data protection laws across all EU member countries to make sure that your data (i.e. Information about you) is as safe as possible.
This document sets out how Meadows Care and Meadows Psychology Service (MPS) comply with these laws and will explain how we use your personal data and the types of data that we may share or process. It also explains your privacy rights and how we will be careful, fair and transparent in how we treat your personal information and ‘data’.
The categories of young people’s information that we are likely to collect, process, hold and share include:
- Personal information (such as name, address, date of birth, next of kin, legal status)
- Information such as gender, ethnic group
- Placement package including risk assessments and care plan
- Medical information and conditions
- Special Educational Needs
- Monitoring and transition documents
- Assessment Information.
Why we collect and use this information:
- To safeguard our young people
- To support our young people
- To monitor and report on young people’s progress
- To enable us to provide appropriate care, meeting the needs of the young people
- To assess the quality of our service.
Whilst the majority of young people’s information you provide to us is mandatory, some of it is provided to us on a voluntary basis. In order to comply with the General Data Protection Regulation, we will inform you whether you are required to provide certain young people’s information to us or if you have a choice in this.
We may also collect data about who is using our website and who contacts us via the telephone/email. We will only have the information that you provide.
Who we share people’s information with
We routinely share young people’s information with organisations such as:
- Internal/external professionals involved with the young people
- Reg 44 Independent Visitors
- Local authorities
- The Department for Education (DfE)
- Ofsted Regional Inspectors
- The police.
Why we share information
We do not share information about our young people with anyone without consent unless the law and our policies allow us to do so. Meadows Care control who has access to any personal information held.
We share young people’s data with internal and external professionals on a need to know basis, to enable appropriate risk assessing to ensure the care planning is appropriate to their needs.
We are required to share information about our young people with our local authority (LA) and the Department for Education (DfE) under section 3 of The Education (Information About Individual Pupils) (England) Regulations 2013.
We use some IT systems to process data and we ensure that they are all GDPR compliant.
There are some exceptional circumstances where MC or MPS might legally or ethically have to share information with relevant bodies. This may be for example, if we have reason to believe someone is at risk to themselves or to someone else; if the courts instruct us or if we are informed of another illegal activities or risks such as terrorism.
We hold previous young people’s/clients data for 75-years via secure archiving as per regulations.
How we ensure the security of personal information
We control who has access to personal information.
Personal information is also stored on a secure server owned by Meadows Care. Malware and antivirus protection is installed on all computing devices.
Your right to access the personal information we hold about you.
- You have a right to access the information we hold about you. To make a request for your personal information please email GDPR@meadowscare.co.uk or write to HR at Head Office using the address below
- We will usually share this with you within 30 days of receiving a request
- There may be an administration fee for supplying the information to you
- We may request further evidence from you to check your identity
- A copy of your personal information will usually be sent to you in a permanent form (that is, a printed copy)
- You have a right to get your personal information corrected if it is inaccurate
- You can complain to a regulator. If you think we haven’t complied with the data protection laws, you have a right to lodge a complaint with the Information Commissioner’s Office at https://ico.org.uk/concerns/.
If you would like to discuss anything further, please contact the GDPR officer:
Jonathan Rigg on GDPR@meadowscare.co.uk or write to Head Office using the address below:
Meadows Psychology Service,
Please sign and date.