Privacy Notice for Young People and Clients

Home » Privacy Notice for Young People and Clients

Meadows Psychology Service (MPS) is a limited company registered in England (Company No. 14706434).

We are registered with the Information Commissioner’s Office (ICO), the UK data protection regulator (Registration No. ZB620894). For the purposes of data protection laws, Meadows Psychology Service is the ‘data controller’ for any personal information we hold about you.

Data Protection Officer – Rebecca Dyson, HR Director

gdpr@meadowspsychologyservice.co.uk

MPS collects and processes personal data relating to its clients to maintain information about health, treatment, care and the provision of psychological services. This is in order to provide the best possible support.

MPS is committed to being transparent about how it collects and uses that data and to meeting data protection obligations.

You may be aware of the laws relating to General Data Protection Regulation (GDPR) that came into effect on 25th May 2018. As technology develops and as our private information could be used and shared, people were becoming increasingly worried about security-this was why GDPR was brought in. The purpose of GDPR is to provide a set of standardised data protection laws across all EU member countries to make sure that your data (i.e. Information about you) is as safe as possible.

This document sets out how Meadows Psychology Service (MPS) comply with these laws and will explain how we use your personal data and the types of data that we may share or process. It also explains your privacy rights and how we will be careful, fair and transparent in how we treat your personal information and ‘data’.

The categories of young people’s information that we are likely to collect, process, hold and share include:

Personal information (such as name and preferred name, address, date of birth, next of kin, contact details, legal status)
Information such as gender, ethnic group
Therapeutic care plans and any plans relating to support
Medical information and conditions
Special Educational Needs
Monitoring and transition documents
Assessment Information.
Personal information from people who care for and know you such as relatives and health and social care professionals
Whether you are subject to any protection orders

Why we collect and use this information:

To safeguard children and young people
To support children and young people and ensure that the team member involved in your support has accurate and up to date information to assess and advise
To monitor and report on children and young people’s progress
To enable us to provide appropriate psychological support to children and young people and to the services who support them
To assess the quality of our service.
To enable us to support the services you are involved with and help them understand you and your needs better

Where possible, we will always look to anonymise/pseudonymise your personal information so as to protect client confidentiality, unless there is a legal basis that permits us to use it, and we will only use or share the minimum information necessary.

Why does the organisation process personal data?

Any personal information we hold about you is processed for the purposes of:

“the provision of health or social care or treatment or the management of health of social care systems and services” under chapter 2, article 9 (2) (h) of the UK GDPR

Whilst the majority of children and young people’s information you provide to us is mandatory, some of it is provided to us on a voluntary basis. In order to comply with the General Data Protection Regulation, we will inform you whether you are required to provide certain young people’s information to us or if you have a choice in this.

This personal information can be held in a variety of formats, including paper records and electronically on computer systems.

It is important for us to have a complete picture of you as this will help our team deliver appropriate treatment and care plans in accordance with your needs.

Other Data

We may also collect data about who is using our website and who contacts us via the telephone/email. We will only have the information that you provide.

Who we share people’s information with

We may need to share relevant personal information with other organisations. For example, we may share your information for healthcare purposes with health authorities such as NHS England, general practitioners (GPs), ambulance services, primary carers etc.

We may need to share information from your records with other organisations from which you are also receiving care, such as Social Services or private care homes. However, we will not disclose any health information to third parties unless there are specific circumstances, such as when the health or safety of others is at risk, where current legislation permits or requires it or where we have your explicit consent.

There may also be situations where we are under a duty to share your information due to a legal requirement as set out below. MPS is required to protect your personal information, inform you of how your personal information will be used, and allow you to decide if and how your personal information can be shared. Personal information you provide to the Therapist in confidence will only be used for the purposes explained to you and to which you have consented, unless there are exceptional circumstances, such as:

when the health or safety of others is at risk
where the law requires it
where there is an overriding public interest to do so

Where there is cause to do this, the organisation will always do its best to notify you of this sharing.

MPS will not transfer your data to countries outside the UK.

How do we protect your data?

We use some IT systems to process data and we ensure that they are all GDPR compliant.

Your personal information is held in both paper and electronic formats for specified periods of time.

We hold and process your information in accordance with the General Data Protection Regulation (GDPR) in conjunction with the Data Protection Act 2018, as explained above.

We have a duty to:

maintain full and accurate records of the support and care we provide to you
keep records about you confidential and secure
provide information in a format that is accessible to you

Your personal information will only be kept for as long as is necessary.

For how long does the organisation keep data?

The organisation will hold your personal data for the duration of your activity with the organisation. The periods for which your data is held after the end of those sessions is 10 years.

How we ensure the security of personal information

We control who has access to personal information.

Personal information is also stored on a secure server owned by Meadows Care. Malware and antivirus protection is installed on all computing devices.

Your right to access the personal information we hold about you.

You have a right to access the information we hold about you. To make a request for your personal information please email gdpr@meadowspsychologyservice.co.uk or write to HR at Head Office using the address below
We will usually share this with you within 30 days of receiving a request
There may be an administration fee for supplying the information to you
We may request further evidence from you to check your identity
A copy of your personal information will usually be sent to you in a permanent form (that is, a printed copy)
You have a right to get your personal information corrected if it is inaccurate
You can complain to a regulator. If you think we haven’t complied with the data protection laws, you have a right to lodge a complaint with the Information Commissioner’s Office.

Further information

If you would like to discuss anything further, please contact the GDPR officer:

Rebecca Dyson on GDPR@meadowspsychologyservice.co.uk or write to Head Office using the address below:

Meadows Psychology Service,

Egerton House,

Wardle Road,

Rochdale,

OL12 9EN

This document will be reviewed on an annual basis.