How is your personal data used?
Cancer Nutrition will always request consent to use your personal data on the pre-consultation form you complete before a consultation. If this is not completed, I will request consent via email correspondence before your data is processed. This information is needed to provide you with appropriate dietary advice for the management of your condition. Your information will not be shared with other healthcare professionals without your consent and only relevant personal data will be obtained.
Your rights and access to your information
You have a right to withdraw consent to the processing of their information by Cancer Nutrition at any point, however, dietary advice can then no longer be provided without that information. Individuals also have the right to be informed of, to rectify, to restrict processing of and to object to the information Cancer Nutrition has for them. Cancer Nutrition tries to be as open as it can be in terms of giving people access to their personal information. Individuals can request personal information by making a ‘subject access request’ under the GDPR. This can be done in writing via email at firstname.lastname@example.org and Cancer Nutrition will give you a description of it, tell you why we are holding it, who it may be disclosed to and let you have a copy of the information. If you believe that any information being held on you is incorrect or incomplete, please email Cancer Nutrition as soon as possible who will promptly correct any information found to be inaccurate. Individuals have a right to make a complaint by email also if needed.
How long is your personal data stored for?
This information will be retained for 8 years in line with the records management code of practice for Health and Social Care 2016. Even if consent for processing your personal data is withdrawn, I am legally bound to retain that information for 8 years.
What is Cancer Nutrition’s lawful basis for processing personal data?
(a) Consent: the individual has given clear consent for you to process their personal data for a specific purpose. Cancer Nutrition processes special category data which needs higher protection as it is personal health information. This is necessary for the provision of health care (Article 6, GDPR).
How is your information kept secure?
There are appropriate physical and electronic procedures in place to safeguard the information collected to prevent unauthorised access:
· Cancer Nutrition’s website is managed by Squarespace which is compliant with the GDPR regulations from the 25th May 2018.
· Any personal data sent via email is encrypted.
· Any personal data retained by Cancer Nutrition is encrypted and password protected
· The PC is password protected and has Antivirus and Firewall software.
· The personal data is backed up on the cloud storage Dropbox which is also GDPR compliant, encrypted and password protected. Any enquiries made via private messaging on social media including Instagram or Facebook is also kept confidential and is password protected.
The purpose of the Cancer Nutrition website is solely educational and information is intended to be of a general nature only. The information included on the site is not a substitute for professional medical or specific dietary advice, examination, diagnosis or treatment. Each individual case requires a full assessment to provide tailored advice. Users should seek personal and medically informed advice as appropriate from a professionally qualified dietitian on all specific situations and conditions of concern to them.
This policy was last updated in May 2018 and will be reviewed regularly and updated as appropriate.