You must treat confidential information in accordance with Key’s separate policy relating to Data Protection.  The General Data Protection Regulation and other UK-based legislation contain provisions relating to the retention and disclosure of data concerning individuals.  This includes information held electronically as well as on paper.

The definition of an individual includes, but is not limited to, the people supported by Key, people employed by Key and employees and agents of other organisations Key may work in partnership with.

• Work relating to Key and its activities must never be stored on computers or cloud-based storage systems owned by or subscribed to by employees.
• Only commit information relating to Key, its employees or the people it supports to paper when it is absolutely necessary.
• Information must only be shared with external parties when an explicit data sharing agreement permits this.
• If you believe personally identifiable information has been misplaced or lost, you must report this immediately to Key’s Data Protection Officer.