How do we protect your information?
We will do what we can to make sure we hold personal records (on paper and electronically) in a secure way, and we will only make them available to those who have a right to see them. Our security includes:
- Encryption allows information to be hidden so that it cannot be read without special knowledge (such as a password). This is done with a secret code or cypher. The hidden information is said to be encrypted.
- Pseudonymisation allows us to hide parts of your personal information from view so only we can see it.
- Controlling access to systems and networks allows us to stop people who are not allowed to view your personal information from getting access to it.
- Training for our staff allows us to make them aware of how to handle information and how and when to report when something goes wrong.
- Ways for us to access your information should something go wrong and our systems not work, including how we manage your information in event of an emergency or disaster.
- Regular testing of our technology and processes including keeping up to date on the latest security updates (commonly called patches).
View our policy on information security at the foot of the main GDPR page.
If your information leaves the country
Sometimes, for example, if we received a request to transfer records because you were moving abroad, it would be necessary to send that information outside of the UK. In such circumstances, additional protection will be applied to that data during its transfer, and where the receiving country does not have an adequacy decision from the European Commission, advice will be sought from the Information Commissioners Office prior to the data being sent.