Privacy Policy

OT Works is committed to protecting your personal data and also to ensuring that your rights to privacy are protected.

OT Works aims to meet the requirements of the Data Protection Act 2018, the General Data Protection Regulation (GDPR), the guidelines on the Information Commissioner’s Office website as well as our professional guidelines and requirements as set out by The Royal College of Occupational Therapists. www.rcot.co.uk

For Your Information:

1. OT Works is the Data Controller of the information you supply and are registered with the ICO No: ZB393088
2. OT Works has a Data Protection Officer, to contact this person please email tonya@otworks.co.uk
3. The information we collect from you on this website and subsequently process may include your contact details (name, address, telephone numbers, email address etc.) and any other data that is required for the purposes of enabling OT Works to provide you with the appropriate guidance, support or services that you seek in regards to our range of Occupational Therapy services.
4. The information is collected and will be processed so that OT Works may provide you with the appropriate guidance, support or services that you are seeking.
5. The information may be shared with third parties for administration and/or management purposes, where it is necessary or desirable and lawful for OT Works to do so. However, OT Works will share only the minimum information that is necessary.
6. The information will not be processed outside the European Economic Area.
7. The information will be retained for as long as is necessary. When the information is no longer required, it will be destroyed securely.

What Personal Data Do We Hold?

In order to provide you with a high standard of Occupational Therapy services, we need to hold personal information about you. You will be asked to provide personal information as part of our referral and assessment process. The purpose of us processing this data is to provide Occupational Therapy services to you.

This personal data may comprise details such as:

• Your past and current medical information; personal details such as your age, address, telephone number and general medical practitioner
• Clinical reports where appropriate to our involvement in your case
• Information about the treatment or services that we have provided or propose to provide.
• Notes of conversations that are relevant to OT Works involvement with you.
• Any correspondence relating to you with other health care professionals, for example in a residential home, hospital or community services.

The Categories Of Data We Process Are:

• Personal data for the purposes of direct mail/ email/ text/ other marketing
• Special category data including health records for the purposes of the delivery of Occupational Therapy.
• We never pass your personal details to a third party unless we have a contract for them to process data on our behalf and will otherwise keep it confidential. If we intend to refer a client to another practitioner or service we will gain the individual’s permission (Third Party Consent form) before the referral is made and the personal data is shared.
• Personal data is stored in the EU whether in digital or hard copy format.
• Personal data is obtained when a client is referred to our service and for the duration of our involvement.

How Do We Maintain The Confidentiality Of Your Records?

We are committed to protecting your privacy and will only use information collected lawfully in accordance with the relevant legislation. Every member of staff who works for OT Works has a legal obligation to keep information about you confidential and they have been provided with the relevant training and support in order to enable this to happen. We will only ever use or pass on information about you if others involved in your care have a genuine need for it. We will not disclose your information to any third party without your permission unless there are exceptional circumstances. The lawful basis of processing personal data such as name, address, email or phone number is:

• Consent of the data subject
• Processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract site.

Why Do We Hold Information About You?

We need to keep comprehensive and accurate personal data about our clients in order to provide them with safe and appropriate Occupational Therapy services.

We Will Process Personal Data That We Hold About You In The Following Way:

RETAINING INFORMATION

The retention period for special data in patient records is normally a minimum of 10 years. The retention period for other personal data is normally around 2 years after it was last processed. You have the following personal data rights:

• The right to be informed
• The right of access
• The right to rectification
• The right to erasure (clinical records must be retained for a certain time period)
• The right to restrict processing
• The right to data portability
• The right to object

Here are some practical examples of your rights:

• If you are a client of OT Works you have the right to withdraw consent for important notifications, newsletters, surveys, or marketing. You can inform us to correct errors in your personal details or withdraw consent from communication methods such as telephone or email. You have the right to obtain a free copy of your patient records within one month of the request.
• If you are a client of OT Works you have the right to refuse permission to share confidential information with specified persons or parties.

ACCESS TO PERSONAL INFORMATION

You have a right under the General Data Protection Regulations to request access to view or to obtain copies of what information OT Works holds about you and to have it amended should it be inaccurate. In order to request this, you need to do the following:

• Your request must be made in writing to the Data Protection Officer for OT Works via tonya@otworks.co.uk
• You have a right of access to a copy of all of the information held about you free of charge.
• We are required to respond to you within one month.
• You will need to give adequate information (for example full name, address, date of birth, relevant ID numbers and details of your request) so that your identity can be verified and your records located If you wish to exercise any of these rights, please contact tonya@otworks.co.uk for details of how an application may be made.

SECURITY OF INFORMATION

Personal data about you is held on OT Works computer system and/or in a manual filing system. The information is not accessible to the public and only authorised members of staff have access to it.

OT Works also makes use of an online practice management software system supplied by Writeupp. WriteUpp is also GDPR compliant. It uses two-factor authentication login and encrypted data replication across different servers to keep your records safe. Their privacy policy can be found at https://www.writeupp.com/privacy-policy.pdf

Email correspondence is handled through the Zoho Mail Client. All email content is stored in encrypted format on servers located in the EU, ensuring full compliance with GDPR. Zoho Mail is certified to ISO 22301 and ISO 9001 standards. For more information about their policies and data protection protocols, visit https://www.zoho.com/mail/gdpr.html.

DISCLOSURE OF INFORMATION

In order to provide professional and safe Occupational Therapy services, we may need to disclose personal information about you to other health professionals caring for you. You will be informed who your data will be shared with and in some cases asked for explicit consent for this to happen when this is required. OT Works will always handle your confidential information with utmost care and respect.

8. Contact Information

If you have any questions about these Policies, please contact us here.