“The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. It also addresses the export of personal data outside the EU and EEA areas. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
Superseding the Data Protection Directive 95/46/EC, the regulation contains provisions and requirements pertaining to the processing of personally identifiable information of individuals (formally called data subjects in the GDPR) inside the European Union, and applies to all enterprises, regardless of location, that are doing business with the European Economic Area. Business processes that handle personal data must be built with data protection by design and by default, No personal data may be processed unless it is done under a lawful basis specified by the regulation, or if the data controller or processor has received explicit, opt-in informed consent from the data subject. The data subject has the right to revoke this permission at any time.”
Wiston Lodge’s Designated Data Controller
Wiston Lodge’s Managing Director is responsible for ensuring compliance with the Data Protection Act and implementation of this policy on behalf of the Board of Directors Any questions or concerns about the interpretation or operation of this policy should be taken up in the first instance with him/her.
Principle
Wiston Lodge holds personal data on all activity participants, all staff, volunteers and most visiting guests. The control of this information is critical to adherence to this legislation. The understanding of this legislation by all members of staff involved in personal information processing and handling is therefore critical.
Employees of Wiston Lodge must remain vigilant to the flow, availability and security of all personal information held at Wiston Lodge both with a physical and electronic context and the following information is provided as a policy for information security. Should staff members, through the administration process, identify further reasonably practicable methods for increasing security, they should raise it with their line manager at the earliest opportunity.
Information held must be with the express permission of the person the information concerns. Employees must be able to evidence that any information held in either electronic or physical form has been consented to. In all cases any individual have the right to access any information concerning them and challenge Wiston Lodge’s authority to retain said information.
Paperwork
Any paperwork that holds personal information should be held in a secure manner. Personal information must be handled with the minimum members of staff having access as possible. This involves locking all paperwork in a place that is as secure as reasonably possible. Files can be locked in a desk during breaks or whilst at lunch. However paperwork should be locked in filing cabinets/safes with limited access overnight. Thought should be given as to what level of access to other staff members and/or visitors to work areas that are involved in working with personal information. If the area has any unauthorized access, then action is required.
Staff/Volunteer files, are shared with HR, the line manager, the managing director and the board of directors only. All other information sharing is by consent from the individual concerned. Files for current staff/volunteers are collected from the HR filing cabinet that is secured within office at all times. The minimum number of files should be released at any one time, worked on/updated and then returned to the filing cabinet immediately on completion. Historical files are kept within the main safe with access by HR and Managing Director only. The safe release, use and return of information is on the same basis as the aforementioned.
- Personnel files will be held for a period of not more than seven years and then duly destroyed.
- Staff information received in any other format other than paper copies must be printed out, and with all electronic versions subsequently destroyed.
- The range of information held in each personal file is as follows.
- Personal details – name, address, emergency contact, date of birth, sex, education and qualifications, details of any known work-relevant disability and work experience. Tax code and national insurance number along with name and address will be shared with an outside agency dealing with Tax, Pensions and National Insurance.
- Induction Process To ensure that every employee has received the correct level of induction.
- Employment history with the organisation – date employment began, promotions, present job, job title
- Details of terms and conditions. Pay, hours of work, holiday entitlement and any other benefits. A copy of the written main terms and conditions of employment, or the employment contract. Copies of any changes to the contract.
- Absence details – lateness, sickness, any other authorised or unauthorised absence e.g. annual holiday, maternity/paternity/dependents leave, compassionate leave.
- Details of training/further education. Undertaken with the organisation, whether internal or external.
- Details of any disciplinary action. This may include any grievance or dismissal processes.
- Details of termination of employment.
- Details of any accidents connected with work, including on way to and from work. Certain accidents must be reported to relevant authorities for health and safety purposes. This may include the administration of first aid.
- Additionally the organisation has responsibilities to hold records regarding its statuary obligations
- Recruitment and selection procedures and results
- Induction training and career development for individuals
- Sick pay/sick absence other absence, lateness and employee turnover
- Discipline, including dismissals, and grievance
- Termination of employment
- Equal opportunities issues (gender, sexual orientation, religion or belief, race, age, disabilities).
This information will be collated wherever possible without identifying individuals. However should any staff member information be included, the same protocols regarding security of this information will be upheld.
Job Applications and CV’s are submitted for each position advertised. The information sent will be treated in the same manner as current staff volunteer’s files with any unsuccessful candidates information destroyed in both electronic and physical formats – unless permission is provided in written form by the candidate to retain applications. This may be utilised, for example, future vacancies that may be suitable to the candidate.
PVG membership scheme information by its definition contains a large amount of historical information regarding scheme applicants. Once an application has been started, all of the information contained within it should be treated as confidential and stored in a safe and secure manner with limited access to the HR personnel and Managing Director only. Any supporting information (passports, driving license etc.) should be stored alongside the application and returned to the applicant at the earliest opportunity. The posting of completed forms must be conducted using registered post to reduce the likelihood of information loss. On receipt of membership confirmation, the information will be opened by the Managing Director only. On confirmation of acceptance by the managing director PVG membership number, name and address of the candidate shall be retained with the remainder of the document immediately destroyed.
Freelance Instructors shall be treated with the same level of confidentiality as all other staff/volunteers. Access to files is limited to the Programmes Coordinator, HR and Managing Director. Visiting groups may at times ask for the professional qualifications of instructors engaged with their groups – this may be taken from the matrix of qualifications held by the Programmes Coordinator which is openly displayed for legal reasons.
Medical Consents are required for each participant to both identify issues before they occur and to duly warn individuals as to the nature of outdoor provision. The information contained must be shared with staff directly engaged with the individuals concerned. The sharing of this information must however be limited to those who need to know in order to continue with their duties, whilst supporting visitors. One copy of the medical consents is kept on site by agreement of the participant. This copy must not be duplicated unless for internal matters with sole exception of creating a copy to accompany guests if they need additional medical support (hospital/ambulance) offsite. Should notes be required by instructors working on session, information should be recorded in a manner that de-identifies medical issues from personally identifiable information by the use of artificial identifiers or pseudonyms. This may include lists using first initials of group members alongside a summary of the medical issue(s). This information, although condensed and with a reduced opportunity to identify individuals must be adequately destroyed once the group has departed the site or the instructor has completed their duties.
Medical consents received in any other form other than paper copies, must be printed out with all electronic versions subsequently destroyed.
Consents will be stored in a paper form only in a secure manner accessible to kitchen personnel, activities personnel, organising staff and the duty manager as required. Once the group/individuals have completed their stay the consents will be transferred to the safe immediately and retained for a period of two years. Once the two year period is lapsed, consents will be adequately destroyed unless there exists a legal reason for retention. This decision shall rest with the Managing Director.
Disposal of papers with any personal information printed or written must be shredded and or burnt to an extent that no information can be recovered.
Electronic Information
Most personnel at Wiston Lodge have access to a company PC. It is important to recognise that the information retained on both the individual PCs, the company server and all associated cloud based programmes remain the property of Wiston Lodge and are therefore party to this policy.
Whilst specific programs allow the remote access to e-mail abilities through cloud based technology, the transfer of information onto personal computers is an infringement of this policy. All work conducted utilising Wiston Lodge e-mail platforms and the information held within remains the property of Wiston Lodge and therefore all data protection procedures remain, regardless of the physical location of the employee/volunteer. Removable media equipment such as pen drives must be treated in a similar manner. The transfer of all information must be secure and remain within the framework of this policy.
Security regarding access to Wiston Lodge remains the responsibility of the employee/staff member. Access to programmes and the server is provided to individuals on the condition that they set their own security passwords. The passwords should not be shared with anybody and should not be written down, Passwords should contain a mixture of letters numbers and characters and should be no less than six characters long. Passwords that are used for Wiston Lodge access rights should not be used for any other purposes (i.e. unique to the WL System) Access to drivers is limited in support of GDPR, therefore provided access to personnel not cleared is in contravention of policy and legislation.
All computers should be set to automatically log off to screensaver after 15 minutes of idle time to reduce the likelihood of authorized access.
All computers should be physically secured inside a locked room at the end of the business day and for any periods whereby the potential for them being stolen exists. This safety measure is also required when laptops are taken off site, and the security of the equipment remains the responsibility of the employee.
If staff/volunteers are providing access to a colleague or visitor for web access/basic tools, it must be conducted under the direct supervision of the staff member involved in order to safeguard information stored.
User specific access to drivers within the Wiston Lodge server provides additional layers to the security in place. It is important to recognise the nature of files being used and to store them on the appropriate drive. Each staff member should be aware of drives available to them and the access rights to each drive utilised. This will include the other staff members that have access to specific shared drives.
Remote Access has been approved to Sabre Systems (Lanark) solely. Any staff member/volunteer approving access to any other individual or organisation without the express approval of the Managing Director shall be deemed in breach of this policy.
Viruses, worms and spyware are all specifically designed to circumnavigate the security protocols of your computer. The antivirus software along with the Microsoft security protocols, must be updated on a regular basis in order to maximize the level of protection provided. However it remains the responsibility of all system users to identify suspect e-mails and attachments prior to opening. If a virus is detected on the system, the IT support desk at Sabre Systems must be contacted immediately. If the help desk is unavailable the computer must firstly be removed from the network and then shut down awaiting It support. Training will be provided on request by the Managing Director.
Equipment disposal at the end a computers’ life shall be carried out by Sabre Systems. This is to ensure that no information is accidently provided to any third parties.
Website
The webpages and associated software pach]kages are capable of collecting personal information regarding users. The process under which this information should be gathered on a “opt in basis” only. This means that we shall not gather any information regarding users without their specific consent to do so. The limitations of this agreement shall be displayed openly. This will include:-
- Specific information gathered/required.
- Who has access to the information.
- What duration the information shall be held for
- The security measures in operation to retain the information.
- The fact that the information shall not be shared with any third party without prior consent.
- The individual’s right to see any information held and/or ask us to remove it from our systems.
- As a consequence all personal information gathered from our webpages and associated programmes must be clearly identified and accessible by personnel authorised to do so only.
Verbal
Personal information is not limited to formal processes used in the processing of guests and staff. Most of the information sharing within Wiston Lodge takes place in both formal and informal discussion points. Equal care regarding the transfer of information should be considered prior and during such discussions.
The care and support of guests will at times require as discuss specific personal issues. This information sharing is required in order to carry out our duty of care, but must be limited to both the minimum number of appropriate staff members and the minimum amount of personal information required. If notes are needed in support – it is important to remove all personal identifying information. This may be achieved through the use of a identifying key such as first initial as laid out on the paragraph entitled Medical Consents.
Personal information should on no account be shared with any party outside of the organisation without specific prior consent from the individual/parent/guardian.
Staff/Volunteers are entitled to the same consideration. Personal information should only be provided on a “need to know” basis. Consideration should be given to:
– Personal telephone numbers
– Home addresses
– Medical conditions
– Personal circumstances.
– Grievance/Disciplinary processes
The list is not exhaustive and is provided as examples only.
Line managers and senior management may have a legal or business reason to retain this information as outlined, however the same legislation exists in the control of information distribution.
Personnel have the right to share some or all this information with staff members through conversation. The right to then share with further staff members or those outside the organisation should not be assumed any and 2nd party at any time.
Approved by Jonny Sutherland – Managing Director
Approved by Jane Robison – Wiston Lodge Trustee