Data Protection Policy 2018

This policy meets legitimate privacy and data expectations of any person approaching the Dementia Friendly Parishes around the Yealm for any reason.  It protects the projects reputation and does not harm the trust of anyone making an approach to Dementia Friendly Parishes around the Yealm. It demonstrates that the Committee has taken all reasonable steps to reduce risks in handling personal data.

Dementia Friendly Parishes around the Yealm is committed to complying with the requirements of the General Data Protection Regulations (GDPR) which came into force on 25thMay 2018 in the management of all personal information.

Personal Information will be processed complying with the eight principles of GDPR which is to make sure that personal information is:
• Legitimate interest (what the Committee needs for its work) Vital interest (relevant only to the issue being considered)
• Fair, lawful and transparent, i.e. how the committee uses information.
• Compatible and specific, i.e. the purpose is limited to the issue being considered by the Committee
• Adequate, relevant and limited to what is necessary
• Accurate and rectifiable. Information will be restricted to the purpose of its original use.
• Retained for no longer than necessary to meet  the requirements of this policy
• Integrity and confidentiality.

– Secure from the point of collection through to disposal (for instance through password protection, Trustee and volunteer training, confidentiality policy etc.)
– Not transferred to other people/parties/placeswithout adequate protection or consent from the individual concerned

The Act provides individuals with important personal rights, including access to personal information that is held about them, compensation and preventing some processing of information.

All Committee Members of Dementia Friendly Parishes around the Yealm are aware of their responsibilities under the GDPR and are required to give their consent on the retention of their personal information.

All approaches to Dementia Friendly Parishes around the Yealm will be dealt with under the requirements of the GDPR.

Minutes and agendas

No personal information will be recorded in the minutes

Confidentiality

All committee members have signed an undertaking of confidentiality.

Storage of information

Personal information will be held on a secure data base with access by project staff only.

All emails containing information about a person with dementia and their family will be deleted once the project coordinator is no longer involved with person with dementia and their family. Access to personal information is limited to Committee members and the project coordinator only and on a ‘strict’ need to know basis. No information will be passed outside the Project without the individual applicants consent.  The retention period for all personal information will be for as long as the person is directly linked to the project, by mutual agreement or by specific request.

Recruitment

For recruitment of staff or volunteers – only required information will be held about individuals.  All committee members, staff, volunteers and attendees at groups will be required to sign a Consent form under the GDPR.

General

A Risk Assessment will be completed on the processing and management of information held by the Committee in order to ensure that it complies with the terms of the GDPR.

Dementia Friendly Parishes around the Yealm is committed to reviewing this policy, practice and Risk Assessment annually or sooner if required.

Policy adopted by Dementia Friendly Parishes Committee on 31stAugust 2018