The data act allows clients to these rights:
- To see what information is held about them and correct the information if necessary.
- The right to refuse or give information.
- The data stored must be correct and up to date.
- The data must only be kept for as long as it is needed.
- The information given should not be available to unauthorised people
For my work placement I went to St Marks Rainbows. Even though rainbows is only run for one hour per week confidentiality is paramount.
The guiding organisation holds information under explicit consent, this means that the when the information is given the legal guardians are fully aware of what information will be kept.
The rainbow guiding association can keep to types of data:
- Sensitive personal data
- Personal data
Personal data is the information that can identify you such as your name. Where as personal date requires explicit consent, for example your religious beliefs.
The personal data that the rainbow leaders are aloud to hold about their rainbows are:
- Name
-
Address – So that they can be contacted
-
Date of Birth – to ensure the child is the right age to join the rainbow guides
-
Telephone number – for contact in case of an emergency
The sensitive data that the rainbow leads are aloud to hold about the rainbows are:
-
Health
Details of medical conditions such as asthma to enable leaders to be prepared for medical emergencies and to avoid allergies.
-
Disabilities
Details of any disability, to enable integration and to access any special provision required.
-
Religion/faith and race or ethnic origin
To enable leaders to ensure programmes and menus take account of cultural needs
The guiding association have set up a list of data protection principles. These are guidelines that the guide association have set up to make sure that data is collected correctly. The principles are that the data must:
- Processed "fairly and lawfully
- Obtained for a "specified and lawful purpose"
- Adequate, relevant and not excessive to that purpose
- Accurate and up to date
- Kept only for as long as required for the purpose for which it was obtained
- Processed in accordance with the rights of data subjects
- Secure - the level of security being proportionate to the level of harm that could result if unauthorised access occurs
- Not transmitted outside the EEA (European economic area) without consent from the data subject.
One of the main concerns is that the information that they supply will be kept safe; by showing the parents that the information that they give will be kept safe gains their trust. Ways of keeping the data private are:
- If records are left at the meeting place they must be locked away.
- Personal data must not be left on notice boards.
- If records are stored at home put them away when not in use.
- If records are on a computer that others can access, e.g. via a network, keep the records on a disk and keep the disk safe.
- Check with each data subject that her record is correct at least once a year.
- Destroy out of date records by burning or shredding into small pieces.
- Do not give lists to non-Guiding people or organisations, such as Churches, unless you have gained permission from the girl’s parents or guardians to do so.
- Do not use your records for anything other than Guiding purposes.
- Keep the records in a way that while looking at one person’s details you are not revealing someone else’s on the same page.
- Record facts not opinions.
I have asked if these polices and put to use and I found out that they abide by each one and to make sure that they abide by the polices they have regular checks by the District Commissioner.