Read our Confidentiality Policy in full
What do you do with my information?
Your worker uses the information we have about you to help them understand your support needs.
We keep this information on a secure, internal database for a period of 20 years, in line with the NHS's Records Management Code of Practice.
There might be times they will need to share some of your information with a manager, either to make sure we are offering the right support or to keep you, or someone else, safe.
Otherwise, we don’t share this information outside of our organisation to anyone, unless one of the following occurs:
- You ask us to share it with someone.
- In very rare circumstances, we may be legally required to do so under UK Law (such as becoming aware of a terrorism threat or a lawful request relating to court proceedings)
- You give us permission to include information in reports that we generate (meaning there would be no information shared that could identify you).
- We have concerns that you, another young person or a vulnerable adult, is at risk of significant harm.
What does "significant harm" mean?
Significant harm can include abuse, neglect or ill-treatment that can be physical, emotional or sexual in nature, as well as actions that might otherwise cause lasting harm to someone’s health or development.
According to the UK Data Protection Act 2018 (section 1.2.18), safeguarding concerns that can trigger sharing someone's data specifically includes:
protecting an individual from neglect or physical, mental or emotional harm, or protecting the physical, mental or emotional well-being of an individual
Any decision to share information about you will take your circumstances into account, including:
any protective factors that might be helping to keep you safe
who else knows what's happening and whether they’re able to support you
your age (see "about your age" for more info)
If we do have concerns about significant harm and need to act, then we;
- will always try to talk you about this first and to involve you in the decision, as much as we can
- may talk the decision through with the 42nd Street manager on duty before sharing information, to make sure we are acting in the best interests of everyone involved
- will only share the information needed to make sure everyone involved is kept safe and only do so with relevant services
- will update you with the outcomes of any information sharing
How do I know my information is safe?
All the above information is stored on a secure database, which is only accessible to 42nd Street staff.
If we ever need to share written information about you for the reasons mentioned above, we use a secure, encrypted e-mail system to do that.
If you’ve given us permission, your data will be anonymised and included in reports that we produce about our service, so that no one will be able to identify you and no one outside of 42nd Street will have access to your original information in this way.
(If you access support with us through the SilverCloud CBT platform, that information is securely stored with SilverCloud. You can read their privacy policy here)
Could any of your policies change?
All our organisational policies are reviewed every year to ensure they’re accurate and to capture any changes in legislation that may have happened nationally (for example, changes in UK Data Law).
In general, the majority of updates won’t alter the key functions of any policy. They tend to be along the lines of incorporating new job roles, referencing any new internal systems used, referencing a different paragraph in an updated piece of legislation and so on.
In the rare instance that we ever update a policy in a significant way that could have an impact on your support with us or what we do with your data, we will get in touch and let you know.
You can always find the most up to date confidentiality and data policy on our site, and they include a list of dates when they were reviewed. Any significant changes since the last version will be highlighted on this