Data Protection Policy Forms
Please print required form, fill in the details and scan or photo the form and send back to us by email to Support@evohelpdesk.co.uk or pop it in the post. Please keep the original for your records.
Policy information |
|
Organisation |
Evolution Healthcare Systems |
Scope of policy |
This policy applies to Evolution Healthcare Systems Data Processor – Janette Clennett |
Policy operational date |
10th May 2018 |
Policy prepared by |
Janette Clennett |
Date approved by Board |
10th May 2018 |
Policy review date |
To be reviewed in May 2021 |
Introduction |
|
Purpose of policy |
|
Types of data |
Data stored is limited to
|
Policy statement |
Evolution Healthcare Systems are commited to:
|
Key risks |
Evolution Healthcare Systems will endeavour to prevent the following risks:
|
Responsibilities |
|
The Board / Company Directors |
They have overall responsibility for ensuring that the organisation complies with its legal obligations. |
Data Protection Officer |
Janette Clennett will be responsible for:
|
Enforcement |
The penalties for infringing the Data Protection and related policies will lead to dismissal of the staff member. Training will be provided for all staff. Any infringement of data protection should be submitted in writing to the directors. |
Security |
|
Scope |
Data will be stored for Business Continuity and to assist users with any technical or usage issues regarding Evolution Healthcares Systems products |
Security measures |
Users Contact details only will be stored by Evolution Healthcare Systems. No User Names or Passwords will be recorded or retained. User’s details will be deleted upon leaving the employment of our client’s. |
Specific risks |
We will never solicit personal information such as usernames or passwords from our Clients/Users by phone. |
Confidential Information |
Evolution Healthcare Systems will never request or hold any Client/Users personal information either by telephone or email. Evolution Healthcare Systems will never request or hold any patient information either by phone or email. Any request for this sensitive information must be reported to Evolution Healthcare systems at once. |
Data recording and storage |
|
Accuracy |
It is important the information we hold is correct and accurate to enable us to assist the user with the correct help or assistance when using Evolution Healthcare Products. |
Updating |
We update our records when new Users/Clients use our products. Any member of staff leaving the organisations details will be deleted. |
Storage |
All contact details are stored on a secure spreadsheet only accessible by Evolution Healthcare Systems head office. |
Retention periods |
Data will only be stored as long as the User/Client is using our products. |
Archiving |
All data no longer in use will be deleted after the period of 1 month. |
Right of Access |
|
Responsibility |
Janette Clennett is responsible for ensuring that right of access requests are handled within the legal time limit of one month |
Procedure for making request |
Right of access requests must be in writing. A standard request form can be found on our website as a standard PDF. Website address www.evolutionhealthcaresystems.co.uk. There is a clear responsibility for all employees to pass on anything which might be a subject access request to the appropriate person without delay. |
Provision for verifying identity |
When any information is requested by a third party Evolution Healthcare Systems will seek permission from the subject before handing over any information |
Charging |
We provide the information free of charge. However we may charge a ‘reasonable fee’ when a request is manifestly unfounded or excessive, particularly if it is repetitive. We may also charge a reasonable fee to comply with requests for further copies of the same information. The fee will be based on the administrative cost of providing the information |
Procedure for granting access |
If the request is made electronically, we will provide the information in a commonly used electronic format. |
Transparency |
|
Commitment |
Evolution Healthcare Systems are committed to safeguarding all information held.
|
Responsibility |
The Directors of Evolution Healthcare Systems hold the Responsibility for all data held. |
Lawful Basis |
|
Underlying principles |
We have checked that the holding of personal workplace data is necessary for the relevant purpose, and are satisfied that there is no other reasonable way to achieve that purpose. |
Opting out |
Evolution Healthcare Systems give the Users/Clients opportunity to opt out of their data being held, and acknowledges assistance cannot be given either by email or telephone once the permission has been withdrawn. |
Withdrawing consent |
Evolution Healthcare Systems wish to acknowledge that, once given, consent can be withdrawn, but not retrospectively. There may be occasions where our organisation has no choice but to retain data for a certain length of time, even though consent for using it has been withdrawn. |
Employee training & Acceptance of responsibilities |
|
Induction |
All employees who have access to any kind of personal data will have their responsibilities outlined during their induction procedures |
Continuing training |
Data Protection issues will be raised during employee training, team meetings, supervisions, etc. |
Procedure for staff signifying acceptance of policy |
Employees will be expected to sign an acceptance form acknowledging our data protection policy. |
Policy review |
|
Responsibility |
Janette Clennett will have the responsibility for carrying out the next policy review. |
Procedure |
The directors of Evolution Healthcare systems will be consulted in the review. |
Timing |
The review will be started by the first of April 2021, in order to be completed by the required date. |
Please print required form, fill in the details and scan or photo the form and send back to us by email to Support@evohelpdesk.co.uk or pop it in the post. Please keep the original for your records.