Data Transparency Statement

Data protection laws in the UK give people a number of rights concerning their personal data. Not all rights apply equally to all our processing activity as certain rights are not available depending on the lawful basis for the processing.

These rights are:

1. Right to be informed

2. Right of access

3. Right to rectification

4. Right to erasure

5. Right to restrict processing

6. Right to data portability

7. Right to object

8. Rights in relation to automated decision making and profiling.

We want you to feel confident that we look after everyone’s personal data in line with the law. If you have any questions about your rights, you can get in touch with us at info@securecareuk.co.uk

Typically, we collect information from health and care organisations providing your care and would advise contacting them directly for a more complete record of your care or treatment. We do not hold your whole medical or care record.

 

If you would like to request a copy of your personal data that Secure Care UK is processing then you will need to complete a subject access request. Please email info@securecareuk.co.uk and place “Subject Access Request” in the title of the email.

 

Following your request, we may write back to you within the 30-day timeframe to request you to narrow or modify your requirements. This may also result in an extension of a further 40 days whilst we examine your request. Some information requests may fall under the Freedom of Information Act in which case if the request is significant it may be appropriate to charge for the time to complete the report.

There are very strict rules about who can access the personal data we process, and what it can be used for. When information is shared with other organisations, these organisations have to go through an audit and have a clear data management agreement in place with ourselves.

Where necessary Secure Care UK will undertake a Data Protection Impact Assessment prior to the commencement of any new major system project or any substantial new business relationship or contract. Copies of Data Protection Impact Assessments can be requested by way of an email to infor@securecareuk.co.uk

All data is retained and erased in accordance with our Record Management Schedule. Specific retention periods are identified within each processing purpose listed below. If a specific purpose requires a different retention period outside of our policy this will be explained.

If you wish to raise a complaint concerning NHS Digital’s processing activity, visit our Feedback and Complaints page. You also have the right to raise a concern with the Information commissioner’s Office at any time.

Click the link to see our full Information Governance Policy