Summary

This Privacy and Data Protection Notice is devised in keeping with the Data Protection Act 1998, the Privacy and Electronic Communications (EL Directive) Regulations 2003 and the General Data Protection Regulations Legislation (2018).


Our Commitment

We are fully committed to protecting the privacy of our clients, partner organisations, employees, volunteers and beneficiaries. This notice outlines what data we collect, where it is held and how it is used. If you have any questions concerning your personal data and how we look after it then please contact the Data Protection Officer - External link opens in new tab or windowRay Travasso.


Data Collection and Storage

We do collect and hold personal data for children and adults who receive Music Therapy. This enables our therapists to assess, audit and evaluate the work. It ensures best practice and enables our therapists to develop their skills in providing high standards of Music Therapy.  Information from Music Therapy referrals, assessments, meetings and sessions will be used to enable our Music Therapists to write reports, liaise with families and professionals.  Information may be shared within the team and to approved supervisors for educational purposes. We are professionally bound to keep accurate information and receive regular supervision by the Health and Care Professions Council (HCPC). Data stored may be in the form of audio or video recordings, personal information, notes and reports.


We will only hold data and information for as long as reasonably necessary to carry out services, unless we are required to hold longer, for legal or professional reasons. For paper documents, they are stored in a locked filing cabinet. For electronic data, this is encrypted, held and stored securely. Data held may include:


  • Name, preferred name and address
  • Gender and ethnicity
  • Email address and/or telephone numbers
  • Date of birth
  • Initial enquiry notes
  • Referral information
  • Correspondence through email or letter
  • Assessment notes and Music Therapy reports
  • Outcome Star data (assessment, evaluation and progress recording) - this data is held securely by External link opens in new tab or windowTriangle Consulting
  • Music Therapy session notes
  • Music Therapy Sessions (Audio and Video Recordings)

For Online Music Therapy Sessions and Video Conferencing Sessions and Meetings:
  • Online Music Therapy Sessions (Audio and Video Recordings)
  • Names and Town locations of individuals connecting through Online Music therapy and Video Conferencing meetings
  • Number of minutes used on Video conferencing meetings and Online Music Therapy Sessions
  • Types of devices used to connect
  • Dates, Times (join, leave and length times) and Meeting title information
  • IP addresses of participants in Online Music Therapy sessions and Video Conferencing meetings


We will endeavour to:


  • Communicate clearly about why we need to collect personal information and what we are going to use it for.
  • Collect only the information we need.
  • Take good care of all personal information, and make sure it is up to date, safe and secure.


We will never sell personal information, or let other organisations use it for marketing.


Security of Contacts

The security of 'contacts' (Clients, organisations, applicants, employees, volunteers and subcontractors) is paramount to us. Our database is stored online in a secure and encrypted manner. Our applicants, employees, volunteers and subcontractor's personal information will only be accessible to the Directors, certain staff and partner organisations (i.e. payroll and pensions) if it is required for them to carry out their role and in compliance with this Privacy and Data Protection Notice and the Suffolk Music Therapy Services Data Protection and Privacy Policy.


Sharing Information

If there is a concern about terrorism, illegal activities or trafficking issues, or an individual is considered at risk of harm to themselves or others, the data will be shared with the relevant authorities/agencies. We only share personal information where it is necessary to carry out the organisation's activities, AND only if the individual/parent/guardian has given informed consent for the information to be shared.


ICO Registration

Suffolk Music Therapy Services is registered with the ICO (Information Commissioners Office). All files are encrypted and stored securely on strong password protected devices/cloud.


Subject Access Request

Our 'contacts' have the right to a copy of the information held about them. This is called a 'subject access request'. 'Contacts' also have the right to have incorrect information corrected. Subject access requests, personal information updates and opt out requests should be emailed to the Data Protection Officer, External link opens in new tab or windowRay Travasso.


Questions and Queries

Please contact the Data Protection Officer to view a copy of our Data Protection and Privacy Policy. For any questions about this document and your right in regarding the processing of your personal information, please contact the Data Protection Officer - External link opens in new tab or windowRay Travasso.