Page 21 - Part B
P. 21

Information, Advice or Guidance



                   The second strand relates to the eight data protection principles listed below:

                   1.   Personal data shall be processed fairly and lawfully

                   2.   Personal data shall be obtained only for one or more specified and lawful purposes

                   3.   Personal data shall be accurate, relevant and not excessive for its purpose

                   4.   Personal data shall be accurate and, where necessary, kept up to date

                   5.   Personal data shall not be kept for longer than is necessary

                   6.   Personal data shall be processed in accordance with the rights of data subjects

                   7.   Appropriate technical and organisational measures shall be taken against
                         unauthorised or unlawful processing of personal data and against accident, loss
                         or destruction

                   8.   Personal data shall not be transferred to a country outside the EU unless that
                          country ensures an adequate level of data protection.



                   What this means for you, in practice, is when you handle client data (such as their
                   name and address) you must ensure that you use that information for the right reason,
                   which the client must be made aware of. For example, to use their contact information
                   to write a letter informing them of their appointment time.

                   You must make sure their information is accurate, relevant and not excessive. For
                   example, you do not need to know their previous addresses or for how long they have
                   lived there. You must ensure the information is up to date, by asking the client to
                   update it if it changes or perhaps checking you have their correct address when they
                   have an appointment. You may well have experienced this yourself when you attend a
                   medical appointment.

                   You must make sure that you do not keep their information longer than you need
                   to. Once the client has been signposted or referred, you no longer need that client’s
                   address. Lastly, you must ensure their information remains safe by keeping it locked
                   away. You may have seen in the news recent incidents of people leaving computers
                   and personal information of clients on trains and other public transport. These people
                   were not complying to confidentiality laws or the Data Protection Act.

























                                                        19
   16   17   18   19   20   21   22   23   24   25   26