We are aware that we are dealing with information which is personal and sensitive to you. We are keen to ensure that this is kept safely and you are aware of what happens to the information that you give us.
What information do we collect?
In order for us to accurately assess and treat your child, we ask you to provide us with some background information about their development, relevant medical history, concerns you may have about your child and what support is currently in place. Alongside this we ask for their date of birth along with relevant contact details. This may include details of their school, if this is deemed appropriate.
During our assessment we will record our observations and complete a variety of tests (applicable to your child’s perceived therapeutic needs). If you provide us with written consent, we may also take a photo of your child’s pencil grasp and sitting posture whilst writing.
How do we store this?
Handwritten information and copies of reports are kept securely in a locked filing cabinet. Whilst the case is active, reports/emails are also stored on a laptop which is backed up by online backup software and an encrypted storage device. When your case is no longer active, we delete the information on the laptop and it is kept on the encrypted storage device.
How long do we keep it?
Currently health records need to be kept until your child reaches 25 years of age. If your child is 17 when we first assess them, then we will keep the records until they reach 26 years of age. At this stage the records will be destroyed.
Do we share your information?
We do not share your information unless we have your written consent to do so and we will contact you on each occasion. This is part of the initial contract that we make with you. If we receive your consent, then there are occasions when we will send the report and relevant advice to the school.
Following assessment, we will email you a draft copy of our report. This will be password encrypted and a password will be arranged individually with you. Once you have agreed the report and we have received payment, then we will email you with a finalised encrypted report. If you would prefer to have this report sent by post then this is also possible.
If you want to access your records?
There is a procedure in place if you would like to see our notes and reports held on file about your child. This is compliant with procedures recommended by the Royal College of Occupational Therapists and ICO.
We are members of ICO and have processes in place to be GDPR compliant.
Hands Up Data Breach Policy
“A personal data breach may, if not addressed in an appropriate and timely manner, result in physical, material or non-material damage to natural persons such as loss of control over their personal data or limitation of their rights, discrimination, identity theft or fraud, financial loss, unauthorised reversal of pseudonymisation, damage to reputation, loss of confidentiality of personal data protected by professional secrecy or any other significant economic or social disadvantage to the natural person concerned.”
Recital 85 of the GDPR. Source: ICO
As Controllers of your and/or your child’s data, we have responsibilities to use and store data lawfully.
Unforeseen circumstances may arise where a breach of the controls we have set in place occurs. Examples may be that emails, with or without attachments are sent incorrectly; information may be disclosed to third parties without your consent; data may be deleted prematurely.
Some personal data breaches may not lead to risks beyond possible inconvenience to those who need the data. However, other breaches can significantly affect individuals whose personal data has been compromised.
We view all these potential risks seriously and in the event of any compromise of data relating to you or your child, we will act in the following manner:
- You will be informed of any breaches involving your data within 72 hours.
- Immediate steps will be taken to “contain” the breach, ie to ensure the data is not further viewed, stored or used without your consent.
- Serious breaches will be reported to the ICO within 72 hours. An example may be a laptop being stolen or accessed unlawfully.
Child protection policy statement
Hands Up Occupational Therapy acknowledges the duty of care to safeguard and promote the welfare of children and is committed to ensuring safeguarding practice reflects statutory responsibilities, government guidance and complies with best practice and Health and Care Professions Councilrequirements.
The policy recognises that the welfare and interests of children are paramount in all circumstances. It aims to ensure that regardless of age, ability or disability, gender reassignment, race, religion or belief, sex or sexual orientation, socio-economic background, all children
- have a positive and enjoyable experience of Occupational Therapy from Hands Up in a safe and child centred environment
- are protected from abuse whilst participating inOccupational Therapy assessments and treatment.
Hands Up acknowledges that some children, including disabled children and young people or those from ethnic minority communities, can be particularly vulnerable to abuse and we accept the responsibility to take reasonable and appropriate steps to ensure their welfare.
As part of our safeguarding policy Hands Up will
- promote and prioritise the safety and wellbeing of children and young people
- ensure everyone understands their roles and responsibilities in respect of safeguarding and is provided with appropriate learning opportunities to recognise, identify and respond to signs of abuse, neglect and other safeguarding concerns relating to children and young people
- ensure appropriate action is taken in the event of incidents/concerns of abuse and support provided to the individual/s who raise or disclose the concern
- ensure that confidential, detailed and accurate records of all safeguarding concerns are maintained and securely stored
- prevent the employment/deployment of unsuitable individuals
- ensure robust safeguarding arrangements and procedures are in operation.
The policy and procedures will be widely promoted and are mandatory for everyone involved in Hands Up. Failure to comply with the policy and procedures will be addressed without delay and may ultimately result in dismissal/exclusion from the organisation.
Monitoring
The policy will be reviewed a year after development and then every three years, or in the following circumstances:
- changes in legislation and/or government guidance
- as a result of any other significant change or event.