Your privacy is important to us. This notice is provided by the Beeches Homecare Services with the intention of demonstrating that we process your personal information fairly and lawfully. We are a controller and processor of your personal data under data protection laws, including from the 25th May 2018 the General Data Protection Regulation (GDPR).
This notice explains how we collect, use, share and protect your personal data. Please read the information in this notice carefully to understand what we do with your personal data.
Whose data do we collect?
We collect and process personal data about individuals who may be current, prospective or former clients, collectively referred to as “you”.
What kind of data do we collect?
We collect from you personal data such as your name, address, date of birth and next of kin. We also keep records of your care and support requirements. We have information that other people, who know you, have given us, such as relatives, GP’s or other health care professionals. We will have information that you have given us about yourself, and this may include personal sensitive information such as sexuality, race, your religion or beliefs and whether you have a disability, allergies or a health condition. This sort of information is important for us to have so that we can deliver appropriate care for your needs.
Sensitive data kept at your home
We keep a blue folder at your home that contains personal sensitive information such as your care plan and your medication records. We also maintain a written record “daily client notes” at each visit we make to you, and these are also kept in the blue folder. This is so we can evidence that care has been provided in accordance with your care plan.
Please note that protecting the privacy of the information kept in the blue folder is your responsibility. The actual documentation in the blue folder remains the property of the Beeches.
How we use your personal data?
We use your data in performing our contract with you and for our legitimate business interests which do not override your interests or fundamental rights. This data helps form the decisions that we make about your care and ensures that your care and support is safe and effective.
We use your data to work effectively with other organisations who may be involved in your care, and we use this to review your care to ensure it is of the highest standard.
We use your data for staff training purposes, recording and monitoring and for quality assurance and generally for interacting with you.
Who do we share your personal data with?
We share your data with other health care professionals, relatives or advocates and with our employees on a need to know basis. Where there are third parties involved in our business activities such as our accountant, our IT consultant we ensure that they do so in accordance with our instructions and that appropriate security measures are put in place.
How do we protect your personal data?
Information is retained in secure electronic and paper records and access is restricted to only those who need to know. We have implemented the appropriate technical and organisational security measures which include physical and technical security safeguards.
We are registered with the Information Commissioners Office (ICO).
How long do we hold your personal data for?
We may retain your personal data for as long as it remains necessary in relation to the purposes we collected the information for. When determining how long this is we consider our contractual, legal and regulatory obligations and our legitimate business interests.
Our Retention and Disposal Schedule is available on request.
What are your rights in relation to the personal data we hold about you?
Subject to the conditions prescribed in applicable laws, you have the right to
- Access, rectify or request erasure of your personal data
- To ask us to restrict processing it
- To request portability of it
- Withdraw consent