DSA-QAG ("the organisation") retains certain information about its employees, practitioners and other users to allow it to monitor performance, achievements, and health and safety, for example. It also needs to process information so that members of staff can be recruited and paid, support for practitioners organised (e.g. assessment centres, outreach centres and non-medical helper organisations) and obligations to stakeholders and government complied with. To comply with the law, information must be collected and used fairly, stored safely and not disclosed to any other person unlawfully. To do this, the Organisation must comply with the General Data Protection Regulation (GDPR).
DSA-QAG fully endorses and adheres to the principles of GDPR.
These principles specify that personal data must be:
- Lawfulness, fairness and transparency.
- Purpose limitation.
- Data minimisation.
- Storage limitation.
- Integrity and confidentiality (security).
As per the GDPR, members of staff, practitioners and other Data Subjects of the organisation have the right to request access to any personal data that is being kept about them either on computer or in certain files. Any person who wishes to exercise this right should complete a Subject Access Request in writing and submit it to the Designated Data Controller.
All members of staff are responsible for:
- Checking that any information they provide to the organisation in connection with their employment is accurate and up-to-date.
- Informing the organisation of any error or change to the information they have provided, for instance a change of address. The organisation cannot be held responsible for any such errors unless the member of staff has informed the organisation of them.
When, as part of their responsibilities, members of staff collect information about other people, (for instance about practitioners), they must comply with the Guidelines for Members of Staff.
All members of staff are responsible for ensuring that:
- Any personal data held by them is kept securely, for instance, computerised data, should be password protected; and
- Personal information is not disclosed either orally or in writing, accidentally or otherwise to any unauthorised third party.
Rights to Access Information
Employees and other subjects of personal data held by DSA-QAG have the right to access any personal data that is being kept about them.
Any person who wishes to exercise this right should make the request in writing to Karen Docherty, Chief Executive, DSA-QAG, Central Chambers, Suite 350, 4th Floor, 93 Hope Street, G2 6LD.
If personal details are inaccurate, they can be amended upon request made in writing to Karen Docherty, Chief Executive.
Publication of DSA-QAG Information
Information that is already in the public domain is exempt from GDPR. This would include, for example, information on individuals acting as point of contact contained in the databases published on the DSA-QAG website.
When we collect any personal data from you, we will inform you why we are collecting your data and what we intend to use it for.
Data Protection Policy
Please find below the DSA-QAG Data Protection Policy:
Information Security Policy
Please find below the DSA-QAG Information Security Policy: