The Psychological Professions Network website is hosted by Sussex Partnership NHS Foundation Trust. Membership data is shared with the relevant regional PPN, which is hosted by an NHS Trust or Health Education England regional office.
Who is our Data Protection Officer (DPO)?
Who is our nominated representative for the purposes of Data Protection Act (DPA) /General Data Protection Regulation (GDPR)?
Our DPA/GDPR nominated representative at Sussex Partnership NHS Foundation Trust is: Kirsty Gibbons, Data Protection and Compliance Manager.
What is the purpose and legal basis for processing membership data?
The Psychological Professions Network will process membership data in order to maintain membership, provide regular communications with the membership and seek views and opinions. Under the General Data Protection Regulation the lawful basis for Sussex Partnership Foundation Trust to process this membership data falls within the following processing conditions:
- For patients and members of the public: ‘Public Task’ - Processing is in the public interest or in the exercise of official authority vested in the data controller
- For staff members: ‘Legitimate interests – processing is in the legitimate interest of the data controller.
The purpose of our membership form is to gather the personal data required in order to sign up and become members of a regional Psychological Professions Network. These details may then be used to communicate with you about general membership matters. Special category data is also collected for certain constituency groups to ensure we have a membership that is representative of the community we serve. We also collect demographic data based on your organisation to enable the PPN to report the makeup of its membership as and when required.
How long will we keep this information?
Access to your details
Will we share this information with outside parties?
The information is provided only to Sussex Partnership NHS Foundation Trust, Health Education England and to the relevant NHS Trust hosting the regional Psychological Professions Network. We will not sell information and data does not leave the UK.
What security controls are in place?
We want you to be secure when visiting our site and are committed to maintaining your privacy when doing so. Our website is protected by multiple layers of protection. The server is protected by a hardware firewall that only passes genuine traffic destined for specific services. Access to critical services are disabled and restricted as necessary.
Each server is further protected by an additional software firewall. The software firewall is configured to only allow relevant network services.
All traffic to and from the website is encrypted in transit using the latest TLS encryption protocols, in line with industry best practice.
Further to this, the website is protected by a software-based Web Application Firewall to provide protection against common vulnerabilities and known exploits. We also employ intrusion detection systems on the servers that are monitored for unusual behaviour.
The website hosting company are ISO 27001 accredited and the hosting infrastructure is fully compliant with all internationally recognised security standards.
Who is the Supervisory Authority?
The Information Commissioner’s Office: https://ico.org.uk
The Information Commissioner
Cheshire SK9 5AF
Telephone: 01625 545700.
Psychological Professions Network
35 New Church Road,