On the 28th of May 2018, the General Data Protection Regulation (GDPR) came into force across the European Union and the United Kingdom, which has brought significant changes to data protection law. Based on privacy by design and taking a risk-based approach, the GDPR has been designed to meet the digital age requirements. The 21st century brings a new definition format of what constitutes personal data and a vast increase in cross-border processing. The General Data Protection Regulation aims to standardise data protection laws inclusive of more consistent rights to control and access personal information.
Willow Homecare & Support Services Limited is dedicated to ensuring the security and protection of personal information processed and providing a consistent and compliant approach to protecting data. As a company, we have always had an adequate data protection process that is compliant whilst abiding by data protection principles. Furthermore, Willow Homecare is committed to safeguarding personal information whilst developing a data protection regime that is fit for purpose, effective and demonstrates an understanding of the new General Data Protection Regulations.
When obtaining consent, we have revised our policy and procedures for obtaining personal data whilst ensuring that employees and service users understand what they are providing, why and how we will use it. Furthermore, defining ways that individuals can consent whilst ensuring that we, as a company, can evidence an affirmative opt-in, along with time and data records. In addition, Willow Homecare has a system that enables employees to check their personal information regularly to correct, delete, or update any information. If an employee becomes aware that we hold any incorrect or irrelevant information, they must notify the human resources department immediately and provide the correct information accordingly.
Willow Homecare & Support Services Limited take the security and privacy of individuals and their personal information seriously and ensure that step is taken to ensure reasonable measures and precautions are in place to secure individual personal data is not breached. We have a policy and procedure to protect personal information from unauthorised access, disclosure, alteration or destruction.