The security of your information is important to us. All your details are kept in line with the Data Protection Act (1988) and the General Data Protection Regulations (2018). We keep your records to provide efficient and effective speech and language therapy services. We hold personal, academic, medical, lifestyle, social, ethnicity and religious data about your child and your family. In accordance with the Code of Practice for Health and Social Care Records (2016), your child’s records will be retained until he/she reaches the age of 25. We may share your child’s data with other professionals involved with the care of your child only with your written consent. Parents/guardians have the right to access their child’s information, request amendment to documentation – when they feel there has been an error/ omission, or withdraw their consent to treatment.
Requests for this should be made to the Therapist in the first instance:
Amanda Duncan
Tel: 07867 792157
Email: Click to send email
Data Protection Policy
Data Controller: Amanda Duncan, Inglewood, Shotteswell, OX17 1HU
Nature of Work: Speech and Language Therapy
Lawful Basis for Processing Information
- In accordance with the Data Protection Bill (2017), Schedule1, part 1: data processing is necessary for health purposes.
- In accordance with the General Data Protection Regulations (GDPR), (May 2018), Article 9 (h) data processing is necessary for the purposes of preventative medicine and the provision of healthcare treatment.
Purpose for Processing data
We process data to enable us to provide efficient and effective speech and language therapy services to children, families and educators to maintain our accounts and records.
Information Held
We hold the following information about children and their families:
- Personal, i.e. address, DOB, telephone and email contacts
- Academic, i.e. levels of academic abilities
- SLCN (Speech, language and Communication Needs), i.e. assessment results, diagnosis, treatment, management plans and outcomes.
- Information from educators and other professionals involved in the child’s care.
- Medical, i.e. diagnosis, treatment and outcomes
- Lifestyle and Social, i.e. housing, family circumstances
- Ethnicity, i.e. language spoken at home
- Religious or other beliefs
We also hold contact details for professionals and other agencies involved in the child’s care.
Sharing Information
We share information with educators and other professionals involved in the child’s care, only when specific written consent from parents has been given.
Retention of Information
It is a regulatory requirement of the Records Management Section in the Health & Social Care Policy (2016) that Children’s records be retained until the child is aged 25 years.
Security of Information
- All electronic records are held in password protected systems.
- Paper records are transported in a bag, in the locked boot of the Therapist’s car.
- Laptops are locked at all times when left unattended.
- When data is retained at the Therapist’s premises it is stored in a cabinet in a locked building.
- Electronic documents are password protected when emailed to parents/educators/other professionals.
- Hard copies of reports and therapy instructions are passed directly to parents/educators or sent in the post.
Erasure of Data
When a child reaches the age of 25 years, his/her information will be securely destroyed.
Parental Rights
Parents have the right to:
- Access information about their child. Requests for this should be made in writing to the Data Controller. Where such requests are made, the Therapist will provide that information within 40-days, unless exceptional circumstances exist. Administrative costs may be applied in some circumstances i.e. excessive or unrealistic requests.
- Withdraw consent to treatment at any time, by contacting the Therapist in the first instance, in writing. Records must be retained until the child is aged 25 years to comply with regulatory conditions – see Retention of Information, above.
- Request records to be rectified or amended by contacting the Data Controller by telephone in the first instance. The requester may be asked to put their request in writing.
- Where rectifications, amendments or withdrawal of consent are made, the educators/other professionals will be notified of the details in writing by the Therapist.
- Lodge a complaint. They should do this with the Therapist in the first instance. If the complaint cannot be resolved, then parents have the right to lodge a complaint with the Health Care Professionals Council.
- Complain about data protection/processing to the Information Commissioner’s Office (ICO).
Data Breach
In the unlikely event of a data breach the Therapist will notify the relevant parties within 48 hours of the breach being identified. Serious breaches will be notified to the Information Commissioner’s Office (ICO) within 72 hours.
Recent Comments