How do we look after your information and how long for?

The requirement to protect your personal information is governed by Data Protection Legislation including the Data Protection Act (DPA) and the General Data Protection Regulation (GDPR). In line with these requirements all information that we hold about you will be held securely and confidentially.

We use administrative and technical controls to do this. We use strict controls to ensure that only authorised staff are able to see information that identifies you. Only a limited number of authorised staff have access to information that identifies you where it is appropriate to their role and is strictly on a need-to-know basis.

All of our staff, contractors and committee members receive appropriate and on-going training to ensure they are aware of their personal responsibilities and have contractual obligations to uphold confidentiality, enforceable through disciplinary procedures.

We will only use the minimum amount of information necessary about you.

We will only retain information in accordance with the schedules set out in the Records Management Code of Practice for Health and Social Care 2016.