Privacy and Data Protection Notice
This Privacy and Data Protection Notice is devised in keeping with the Data Protection Act 1998, the Privacy and Electronic Communications (EL Directive) Regulations 2003 and the General Data Protection Regulations Legislation (2018).
We are fully committed to protecting the privacy of our clients, partner organisations, employees, volunteers and beneficiaries. This notice outlines what data we collect, where it is held and how it is used. If you have any questions concerning your personal data and how we look after it then please contact the Data Protection Officer - Ray Travasso.
Data Collection and Storage
We do collect and hold personal data for children and adults who receive Music Therapy. This enables our therapists to assess, audit and evaluate the work. It ensures best practice and enables our therapists to develop their skills in providing high standards of Music Therapy. Information from Music Therapy referrals, assessments, meetings and sessions will be used to enable our Music Therapists to write reports, liaise with families and professionals. Information may be shared within the team and to approved supervisors for educational purposes. We are professionally bound to keep accurate information and receive regular supervision by the Health and Care Professions Council (HCPC). Data stored may be in the form of audio or video recordings, personal information, notes and reports.
We will only hold data and information for as long as reasonably necessary to carry out services, unless we are required to hold longer, for legal or professional reasons. For paper documents, they are stored in a locked filing cabinet. For electronic data, this is encrypted, held and stored securely. Data held may include:
- Name and address
- Email address and/or telephone numbers
- Date of birth
- Initial enquiry notes
- Referral information
- Correspondance through email or letter
- Assessment notes and Music Therapy reports
- Music Therapy session notes
We will endeavour to:
- Communicate clearly about why we need to collect personal information and what we are going to use it for.
- Collect only the information we need.
- Take good care of all personal information, and make sure it is up to date, safe and secure.
We will never sell personal information, or let other organisations use it for marketing.
Security of Contacts
If there is a concern about terrorism, illegal activities or trafficking issues, or an individual is considered at risk of harm to themselves or others, the data will be shared with the relevant authorities/agencies. We only share personal information where it is necessary to carry out the organisation's activities, AND only if the individual/parent/guardian has given informed consent for the information to be shared.
Suffolk Music Therapy Services is registered with the ICO (Information Commissioners Office). All files are encrypted and stored securely on strong password protected devices/cloud.
Subject Access Request
Our 'contacts' have the right to a copy of the information held about hem. This is called a 'subject access request'. 'Contacts' also have the right to have incorrect information corrected. Subject access requests, personal information updates and opt out requests should be emailed to the Data Protection Officer, Ray Travasso.
Questions and Queries