SECURITY POLICY
POLICY STATEMENT
THE HEALING LINK (“WE”, “THL”) takes reasonable and proportionate steps to identify, assess and reduce risks relating to the processing of personal data.
POLICY CONSIDERATIONS
THL takes into consideration-
- the type of personal data processed;
- how and where information is stored;
- who has access to personal data;
- potential risks of unauthorised access, loss, misuse, disclosure, alteration or destruction of data;
- and the potential impact on individuals should a data protection incident occur.
SECURITY MEASURES
THL implements appropriate technical and organisational measures designed to safeguard personal information. These measures may include:
- restricted access to data on a need-to-know basis;
- password protection and multi-factor authentication where appropriate;
- secure systems, platforms and service providers;
- regular review of account access and permissions;
- staff and team awareness of confidentiality and data protection responsibilities;
- secure handling of electronic communications;
- and procedures for responding to suspected data breaches or security incidents.
POLICY REVIEW AND UPDATES
Data protection risks are reviewed periodically and measures may be updated where necessary to reflect operational, technological or legal developments.
THIRD PARTIES
Where third-party providers are used to support THL’s services, reasonable steps are taken to ensure those providers maintain appropriate data protection and security standards.
RESPONSIBILITIES
Shelley James and Kelly White are responsible for data protection and security monitoring.
Individuals acting on behalf of THL who may have access to personal data are expected to handle such information responsibly, confidentially and in accordance with applicable data protection obligations.
Date Updated – 13/05/26