We Are Survivors works hard to be and remain compliant with the General Data Protection Regulation (GDPR), which came into effect in 2018, superseding the Date Protection Act 1998 and is registered with the ICO (No: Z297024). More information on GDPR can be found on the ICO (Information Commissioner’s Office) website.
Our main GDPR Policy can be found here: General Data Protection Regulation Policy
We also adhere to the following documents:
- Access to Client Records (ratified by Crown Prosecution Service)
- Code of Practice on Confidential Information
- Confidentiality Policy
- BACP Ethical Framework for the Counselling Professions
- BACP Ethical Guidelines for Research in the Counselling Professions
The documents ensure that everyone who works or volunteers for We Are Survivors has a set of guidelines that ensure confidentiality is respected and information and data is handled and managed correctly.
All information we collect, whether paper or electronic records is private and confidential, including any referral forms, assessments, client records and outcome forms; and the process of collecting, storing and retrieving your information must be secure.
You have the absolute right to expect any information collected that contains data on you must be kept private and stored securely. You also have rights to confidentiality under data protection, human rights legislation and the common law.
Why do we keep information?
We Are Survivors keeps information about you to enable us to provide safe and effective services, which meet both your needs and the needs of the community we serve. Therefore we need to collect demographic information such as:
- your GP practice
and clinical information such as:
- type of service accessed
- scores on clinical measures
- health conditions
Your information is stored either in paper form, in locked filing cabinets in a secure location, or electronically on a secure server with restricted access via username and password.
How do we use your information?
Your worker, their supervisor/manager and admin worker will usually be the only people authorised to access your information. These workers are authorised so they can record data in the relevant place and system that will help us ensure we are providing an effective service for you.
Other members of the management team may need to access your information to investigate complaints, incidents or to audit services.
Information is also used more generally to monitor performance and evaluate the effectiveness of services; in these circumstances your name and any other details which may identify you will be removed prior to analysis and publication.
An example of when we would use this type of data would be in our annual report, which we are required to submit every year to the Charity Commission; or when we are reporting to our funders on the activities we have delivered.
When can we share your information?
Sometimes we will need to share information to people outside of We Are Survivors who are involved in your care. This would include people like your GP or agencies and organisations within your care plan that are there to help you safeguard your health and wellbeing.
We will discuss with you about sharing information with these people and seek your permission first. You will be informed of the type of information shared in this way the reasons for it.
However, there are times when we may have to share information without your permission. These situations would be when:
- there is a serious and immediate risk of harm to you or others (e.g. children and vulnerable adults); or
- information is required to be used in court and a court order has been issued by a judge
We always aim to discuss any breach of confidentiality with you when we need to share information, however we cannot guarantee this. It is important to us that we make this transparent as possible.
Your information will not be shared with anyone else without your written consent, which is why we ask you specifically during assessment if there is anyone or any agency you would like adding to the list of ‘consent to share information’.
All our staff and volunteers are required to adhere to our confidentiality and information security policies. If anyone breaches our data and confidentiality policies, we will inform you and we will take appropriate action.
How do you see the information we keep on you?
You have the absolute right to view the information we keep about you. It is good practice for us to show you this information and explain it if necessary.
You should ask your worker if you can see a record of your access to the service and would only refuse if they feel that it could harm you or someone else if you viewed the information.
You may also obtain a copy of the information we keep about you or authorise a third party to be provided with your information.
However there are some exceptions to this and depending on the work involved you may be charged a fee.
Please note also that we cannot provide private reports.
For further information please contact:
Deputy Chief Executive Officer
Unit 9 Brewery Yard
Deva City Office Park
T 0161 236 2182 (24hr Voicemail)
F 0161 839 8454
E [email protected]
To download a copy of this guide, please click on the link below