We are committed to being GDPR Compliant.
We are committed to the principle inherent in the GDPR and particularly to the concept of privacy by design, the right to be forgotten, consent and a risk-based approach. In addition, we aim to ensure:
Our Data Protection Officer (DPO) is Catherine Gallacher, who works to promote awareness of the GDPR. Our DPO oversees the Group's commitment to best practice and inform and advise the Group and monitor and advise compliance.
Data protection policy is available here on this website and is available to all employees/contractors/suppliers associated with this organization. It forms a part of the induction training to all new staff and on follow-up sessions should legislation change or with further guidelines made.
Right to be forgotten
We recognize the right to erase, also known as the right to be forgotten, laid down in the GDPR. Individuals should contact us stating intent to be forgotten GDPR to:email@example.com giving the information you wish deleted. This is requesting the deletion or removal of your data. These will be acted on provided there is no compelling reason for continued processing and that the exemption set out in the GDPR does not apply. These exemptions include where the personal data is processed for the exercise or defence of legal claims and to comply with a legal obligation for the performance of a public interest task or exercise of official authority.
Clinical practice notes are normally retained for up to 7 years as per the ethical standards procedures and the notes are the property of the clinician.
Subject access requests
we recognize that individuals have the right to access their data and supplementary information and will comply with the one-month timeframe for responses set down in the GDPR. As a general rule, a copy of the requested information will be provided free of charge although we reserve the right to charge a 'reasonable fee' whenever as and when we so choose when a request is made and certainly when a request is manifestly unfounded or excessive, particularly if it is repetitive. If this proves necessary, the data subject will be informed of their right to contest our decision with the supervisory authority(Information Commissioner's Office)-our Company registration with ICO is Z7927157.
Asset out in the GDPR, any fee will be notified in advance and paid before any submission of any documentation and the cost of any administrative work of providing this information will be included in addition.
2020 exciting new changes are developing within Stepupcmg Ltd subscribe for updates.
''I didn't think it would help but after just a few short days I began to understand what it felt to be listened to and supported, she didn't judge me. I would recommend Catherine anytime.''
Catherine has worked with Glasgow City Council; Boots PLC; Aviva; WPO; Optum; CareFirst/The Priory; Diageo; Norbord; Compsych; HealthAssured; Solicitors; Financial and marketing; Rutherglen Health Centre; NES; Windmillhill Medical Practice; Dr. Keenan and partners Motherwell Health Centre; these are only a few organizations that have worked with Catherine and found her work of the highest standard.