Bribery is, in the conduct of the Company’s business, the offering or accepting of any gift, loan, payment, reward or advantage for personal gain as an encouragement to do something which is dishonest, illegal or a breach of trust.
Bribery is a criminal offence. The Company prohibits any form of bribery. We require compliance, from everyone connected with our business, with the highest ethical standards and anti-bribery laws applicable. Integrity and transparency are of utmost importance to us and we have a zero tolerance attitude towards corrupt activities of any kind, whether committed by Meducate Academy employees or by third parties acting for or on behalf of Meducate Academy.
The purpose of this policy is to convey to all employees and interested parties of Meducate Academy the rules of the Company in relation to our unequivocal stance towards the eradication of bribery and our commitment to ensuring that Meducate Academy conducts its business in a fair, professional and legal manner.
It is a criminal offence to:
offer a bribe
accept a bribe
bribe a foreign official
as a commercial organisation, to fail to prevent a bribe.
You should be aware that if you are found guilty by a court of committing bribery, you could face up to 10 years in prison and/or an unlimited fine. The Company could also face prosecution and be liable to pay a fine.
Definitions of bribery and corruption
Corruption is the misuse of office or power for private gain. Bribery is a form of corruption which means in the course of business giving or receiving money, gifts, meals, entertainment or anything else of value as an inducement to a person to do something which is dishonest or illegal.
This policy applies to all employees of Meducate Academy, regardless of seniority or site. It also extends to anyone working for or on our behalf e.g. those engaged by us on a self-employed basis or an agency arrangement.
We will encourage the application of this policy where our business involves the use of third parties e.g. suppliers; contractors.
It is prohibited, directly or indirectly, to offer, give, request or accept any bribe i.e. gift, loan, payment, reward or advantage, either in cash or any other form of inducement, to or from any person or company in order to gain commercial, contractual or regulatory advantage for the Company, or in order to gain any personal advantage for an individual or anyone connected with the individual in a way that is unethical.
It is also prohibited to act in the above manner in order to influence an individual in his capacity as a foreign public official. You should not make a payment to a third party on behalf of a foreign public official.
If you are offered a bribe, or a bribe is solicited from you, you should not agree to it unless your immediate safety is in jeopardy. You should immediately contact a director so that action can be taken if considered necessary. You may be asked to give a written account of events.
If you, as an employee or person working on our behalf, suspect that an act of bribery, or attempted bribery, has taken place, even if you are not personally involved, you are expected to report this to contact a director. You may be asked to give a written account of events.
Appropriate checks will be made before engaging with suppliers or other third parties of any kind to reduce the risk of our business partners breaching our anti-bribery rules.
The Company will ensure that all of its transactions, including any sponsorship or donations given to charity, are made transparently and legitimately.
Meducate Academy takes any actual or suspected breach of this policy extremely seriously and will carry out a thorough investigation should any instances arise.
We will uphold laws relating to bribery and will take disciplinary action against any employee, or other relevant action against persons working on our behalf or in connection with us, should we find that an act of bribery, or attempted bribery, has taken place. This action may result in your dismissal if you are an employee, or the cessation of our arrangement with you if you are self-employed, an agency worker, contractor etc.
Staff are reminded of the Company’s whistleblowing policy which is available in the employee handbook, or upon request.
Gifts and hospitality
We realise that the giving and receiving of gifts and hospitality where nothing is expected in return helps form positive relationships with third parties where it is proportionate and properly recorded. This does not constitute bribery and consequently such actions are not considered a breach of this policy.
Gifts include money; goods (flowers, vouchers, food, drink, event tickets when not used in a hosted business context); services or loans given or received as a mark of friendship or appreciation.
Hospitality includes entertaining; meals or event tickets (when used in a hosted business context) given or received to initiate or develop relations. Hospitality will become a gift if the host is not present.
No gift should be given nor hospitality offered by an employee or anyone working on our behalf to any party in connection with our business without receiving prior written approval from a director. Similarly, no gift nor offer of hospitality should be accepted by an employee or anyone working on our behalf without receiving prior written approval from a director.
A record will be made of every instance in which gifts or hospitality are given or received.
As the law is constantly changing, this policy is subject to review and the Company reserves the right to amend this policy without prior notice.
Data protection policy
Aim and scope of policy
This policy applies to the processing of personal data in manual and electronic records kept by the Company in connection with its human resources function as described below. It also covers the Company’s response to any data breach and other rights under the General Data Protection Regulation and current Data Protection Act.
This policy applies to the personal data of job applicants, existing and former employees, apprentices, volunteers, placement students, workers and self-employed contractors. These are referred to in this policy as relevant individuals.
“Personal data” is information that relates to an identifiable person who can be directly or indirectly identified from that information, for example, a person’s name, identification number, location, online identifier. It can also include pseudonymised data.
“Special categories of personal data” is data which relates to an individual’s health, sex life, sexual orientation, race, ethnic origin, political opinion, religion, and trade union membership. It also includes genetic and biometric data (where used for ID purposes).
“Criminal offence data” is data which relates to an individual’s criminal convictions and offences.
“Data processing” is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
The Company makes a commitment to ensuring that personal data, including special categories of personal data and criminal offence data (where appropriate) is processed in line with GDPR and domestic laws and all its employees conduct themselves in line with this, and other related, policies. Where third parties process data on behalf of the Company, the Company will ensure that the third party takes such measures in order to maintain the Company’s commitment to protecting data. In line with current data protection legislation, the Company understands that it will be accountable for the processing, management and regulation, and storage and retention of all personal data held in the form of manual records and on computers.
Types of data held
Personal data is kept in personnel files or within the Company’s HR systems. The following types of data may be held by the Company, as appropriate, on relevant individuals:
name, address, phone numbers – for individual and next of kin
CVs and other information gathered during recruitment
references from former employers
National Insurance numbers
job title, job descriptions and pay grades
conduct issues such as letters of concern, disciplinary proceedings
internal performance information
medical or health information
sickness absence records
terms and conditions of employment
Relevant individuals should refer to the Company’s privacy notice for more information on the reasons for its processing activities, the lawful bases it relies on for the processing and data retention periods.
Data protection principles
All personal data obtained and held by the Company will:
be processed fairly, lawfully and in a transparent manner
be collected for specific, explicit, and legitimate purposes
be adequate, relevant and limited to what is necessary for the purposes of processing
be kept accurate and up to date. Every reasonable effort will be made to ensure that inaccurate data is rectified or erased without delay
not be kept for longer than is necessary for its given purpose
be processed in a manner that ensures appropriate security of personal data including protection against unauthorised or unlawful processing, accidental loss, destruction or damage by using appropriate technical or organisation measures
comply with the relevant data protection procedures for international transferring of personal data.
In addition, personal data will be processed in recognition of an individuals’ data protection rights, as follows:
the right to be informed
the right of access
the right for any inaccuracies to be corrected (rectification)
the right to have information deleted (erasure)
the right to restrict the processing of the data
the right to portability
the right to object to the inclusion of any information
the right to regulate any automated decision-making and profiling of personal data.
The Company has taken the following steps to protect the personal data of relevant individuals, which it holds or to which it has access:
it appoints or employs employees with specific responsibilities for:
the processing and controlling of data
the comprehensive reviewing and auditing of its data protection systems and procedures
overviewing the effectiveness and integrity of all the data that must be protected.
There are clear lines of responsibility and accountability for these different roles.
it provides information to its employees on their data protection rights, how it uses their personal data, and how it protects it. The information includes the actions relevant individuals can take if they think that their data has been compromised in any way it provides its employees with information and training to make them aware of the importance of protecting personal data, to teach them how to do this, and to understand how to treat information confidentially it can account for all personal data it holds, where it comes from, who it is shared with and also who it might be shared with it carries out risk assessments as part of its reviewing activities to identify any vulnerabilities in its personal data handling and processing, and to take measures to reduce the risks of mishandling and potential breaches of data security. The procedure includes an assessment of the impact of both use and potential misuse of personal data in and by the Company it recognises the importance of seeking individuals’ consent for obtaining, recording, using, sharing, storing and retaining their personal data, and regularly reviews its procedures for doing so, including the audit trails that are needed and are followed for all consent decisions. The Company understands that consent must be freely given, specific, informed and unambiguous. The Company will seek consent on a specific and individual basis where appropriate. Full information will be given regarding the activities about which consent is sought. Relevant individuals have the absolute and unimpeded right to withdraw that consent at any time it has the appropriate mechanisms for detecting, reporting and investigating suspected or actual personal data breaches, including security breaches. It is aware of its duty to report significant breaches that cause significant harm to the affected individuals to the Information Commissioner, and is aware of the possible consequences
it is aware of the implications international transfer of personal data internationally.
Access to data
Relevant individuals have a right to be informed whether the Company processes personal data relating to them and to access the data that the Company holds about them. Requests for access to this data will be dealt with under the following summary guidelines:
a form on which to make a subject access request is available from Claire Green. The request should be made to email@example.com the Company will not charge for the supply of data unless the request is manifestly unfounded, excessive or repetitive, or unless a request is made for duplicate copies to be provided to parties other than the employee making the request the Company will respond to a request without delay. Access to data will be provided, subject to legally permitted exemptions, within one month as a maximum. This may be extended by a further two months where requests are complex or numerous.
Relevant individuals must inform the Company immediately if they believe that the data is inaccurate, either as a result of a subject access request or otherwise. The Company will take immediate steps to rectify the information.
For further information on making a subject access request, employees should refer to our subject access request policy, available from Claire Green.
The Company may be required to disclose certain data/information to any person. The circumstances leading to such disclosures include:
any employee benefits operated by third parties disabled individuals – whether any reasonable adjustments are required to assist them at work individuals’ health data – to comply with health and safety or occupational health obligations towards the employee for Statutory Sick Pay purposes HR management and administration – to consider how an individual’s health affects his or her ability to do their job
the smooth operation of any employee insurance policies or pension plans.
These kinds of disclosures will only be made when strictly necessary for the purpose.
The Company adopts procedures designed to maintain the security of data when it is stored and transported. More information can be found in the data transfer security policy.
In addition, employees must: ensure that all files or written information of a confidential nature are stored in a secure manner and are only accessed by people who have a need and a right to access them ensure that all files or written information of a confidential nature are not left where they can be read by unauthorised people refrain from sending emails containing sensitive work related information to their personal email address check regularly on the accuracy of data being entered into computers always use the passwords provided to access the computer system and not abuse them by passing them on to people who should not have them use computer screen blanking to ensure that personal data is not left on screen when not in use.
Personal data relating to employees should not be kept or transported on laptops, USB sticks, or similar devices, unless authorised by Matthew Chapman. Where personal data is recorded on any such device it should be protected by:
ensuring that data is recorded on such devices only where absolutely necessary
using an encrypted system — a folder should be created to store the files that need extra protection and all files created or moved to this folder should be automatically encrypted ensuring that laptops or USB drives are not left lying around where they can be stolen.
Failure to follow the Company’s rules on data security may be dealt with via the Company’s disciplinary procedure. Appropriate sanctions include dismissal with or without notice dependent on the severity of the failure.
International data transfers
The Company does not transfer personal data to any recipients outside of the EEA.
Where a data breach is likely to result in a risk to the rights and freedoms of individuals, it will be reported to the Information Commissioner within 72 hours of the Company becoming aware of it and may be reported in more than one instalment.
Individuals will be informed directly in the event that the breach is likely to result in a high risk to the rights and freedoms of that individual.
If the breach is sufficient to warrant notification to the public, the Company will do so without undue delay.
New employees must read and understand the policies on data protection as part of their induction.
All employees receive training covering basic information about confidentiality, data protection and the actions to take upon identifying a potential data breach.
The nominated data controller/auditors/protection officers for the Company are trained appropriately in their roles under data protection legislation.
All employees who need to use the computer system are trained to protect individuals’ private data, to ensure data security, and to understand the consequences to them as individuals and the Company of any potential lapses and breaches of the Company’s policies and procedures.
The Company keeps records of its processing activities including the purpose for the processing and retention periods in its HR data record. These records will be kept up to date so that they reflect current processing activities.
Data protection compliance
Matthew Chapman is the Company’s appointed compliance officer in respect of its data protection activities. He can be contacted at firstname.lastname@example.org
Data Protection Policy and Procedure
Meducate Academy is committed to conducting business in accordance with all applicable Data Protection Regulations and holds itself to a high ethical standard in this regard.
This policy sets out the requirement by which Meducate Academy employees and third parties shall behave in relation to the collection, use, retention, transfer, disclosure and destruction of any personal data belonging to a Meducate Academy data subject and is supported by associated data protection related policies.
Personal data is any information (including opinions) which related to an identified or identifiable natural person, and personal data relating to a natural person is known as a data subject. Personal data is subject to safeguards which impose restrictions on how organisations process personal data.
An organisation that determines the purpose for processing and the means the processing is carried out is a data controller. An organisation which carries out this processing on behalf of a data controller is known as a data processor. Depending on the relationship Meducate Academy has with the data subject it may be either the controller or processor.
This policy applies to Meducate Academy where data subject’s personal data is processed:
In the context of business activities of Meducate Academy
For the provision or offer of goods or services to individuals by Meducate Academy
Ongoing management and customer service.
The policy applies to processing of personal data in electronic form (included but not limited to email and documents created with word processing software) and data held within manual files which will be automated, or manual files which are already in a structured form and any accessible records.
Data Processing Principles
The following are the data protection principles set out in Article 5 of the GDPR, these are the principles that Meducate Academy comply with.
Principle 1: Lawfulness, Fairness and Transparency – Delivered through Privacy Notices
Principle 2: Purpose Limitation – We know what we will do with the data we have
Principle 3: Data Minimisation – We will only process the personal data we need to
Principle 4: Accuracy – We will keep the data we have up to date
Principle 5: Storage Limitation – We will only keep the data we have for a limited time
Principle 6: Integrity and Confidentiality – We will apply operational and technical security controls
Principle 7: Accountability – We will do what we say we will do to meet the other 6 principles.
Legal Condition for Processing
For Meducate Academy to comply with the GDPR, we must apply a legal basis for the processing, those legal conditions consist of:
Performance of contract or contractual negotiation
Compliance with a legal obligation
In a public interest or official authority
Where sensitive data is concerned not only must be apply one of these conditions but also one of the following conditions:
Necessity of employment or social security
Protection of vital interests
Charity, religion, other not-for profit
Right if the data is already made public by the data subject
Necessary in a legal claim
In the public’s interest
Medical diagnosis or treatment
In the interests of public health
Historical, scientific or statistical purposes
Sensitive data consists of the following:
Race or ethnic origin
Religious or philosophical beliefs
Sexual life or orientation
Trade union membership
Health / mental heath
Genetic / biometric data
Data Subjects Rights
Meducate Academy shall ensure we have the systems and processes in place to allow data subjects to exercise their rights in relation to:
Right of access to personal information – Through a subject access request
Right to rectification – Allow the subject to change their personal data is not accurate
Right to erasure – Erase personal data in certain circumstances
Right to restrict processing
Right to notification regarding rectification
Right to data portability
Right to object to processing of personal data in certain circumstances
Rights around automated decision making and profiling
Other Areas for Compliance
There are several other important obligations by which Meducate Academy must comply with to deliver our data protection obligations, these are:
Data transfers – Meducate Academy does not transfer data outside the EEA
Data protection training – Meducate Academy recognise the need for our employees to be aware of their data protection obligation and our employees have received appropriate training.
Complaints handling – Meducate Academy follow the complaints handling process set out by the Information Commissioner and communicate this to data subjects.
Breach Reporting – Meducate Academy follow the breach notification process set out by the Information Commissioner and communicate this to data subjects.
Privacy Impact Assessments – Should Meducate Academy need to conduct one as systems, process or technology change we shall do so.
Data Protection Officer – Meducate Academy do not currently require a data protection officer but shall keep this under review as the business changes over time, should one be required they shall be appointed.
Processor due diligence – Meducate Academy recognise there are requirements places upon us as a data controller when choosing a data processor. Meducate Academy shall satisfy itself that all data processors it uses meet the expected requirements set out in the Regulation. Where transfers to third parties are concerned appropriate measures and safeguards shall be taken.
Meducate Academy shall keep on top of its data protection obligations and review this along with other supporting polices on an annual basis or as processing changes and shall be review and approved by Directors of the business prior to being issued.
Meducate Academy Environmental Policy
Meducate Academy recognises its responsibility to help protect our environment and pledges that it will as far as is safe, practical and economically sound, conduct its business activities in such a manner as to minimise any adverse environmental impact.
The Company promotes its Environmental Policy by following the practices indicated below:
Comply with and where possible exceed all legal requirements and relevant codes of practice
Operate our business in a way that protects the environment
Promote environmental awareness to employees and enlist their support in improving the Company’s performance through training and instruction
Minimise waste by evaluating processes and ensuring that they are as efficient as possible
Economise on raw materials, conserve energy and water, and minimise the use of environmentally damaging and non-recyclable materials
Actively promote recycling both internally and among our suppliers and customers where possible
Manage supply to minimise the environmental impact of both manufacturing and distribution
Recycle paper, cartons, water, packaging and off-cut material wherever possible to reduce the amount of waste going to landfill
Manage our usage of water to create year on year reductions
Target all our operations, staff and suppliers to cut CO2 emissions
Continual improvement of our environmental management system.
Meducate Academy and its employees are committed to protecting the environment, a value that is at the very core of everything we do.
Equality and diversity policy
We are an equal opportunities employer. We are committed to equality of opportunity and to providing a service and following practices which are free from unfair and unlawful discrimination. The aim of this policy is to ensure that no applicant or member of staff receives less favourable treatment on the grounds of age, disability, gender reassignment, marriage and civil partnership, pregnancy or maternity, race, religion or belief, sex or sexual orientation, or is disadvantaged by conditions or requirements which cannot be shown to be relevant to performance. It seeks also to ensure that no person is victimised or subjected to any form of bullying or harassment.
We value people as individuals with diverse opinions, cultures, lifestyles and circumstances. All employees are covered by this policy and it applies to all areas of employment including recruitment, selection, training, deployment, career development, and promotion. These areas are monitored and policies and practices are amended if necessary, to ensure that no unfair or unlawful discrimination, intentional, unintentional, direct or indirect, overt or latent exists.
The Manager has particular responsibility for implementing and monitoring the Equality and diversity policy and, as part of this process, all personnel policies and procedures are administered with the objective of promoting equality of opportunity and eliminating unfair or unlawful discrimination.
All employees, workers or self-employed contractors whether part time, full time or temporary, will be treated fairly and with respect. Selection for employment, promotion, training, or any other benefit will be on the basis of aptitude and ability. All employees will be helped and encouraged to develop their full potential and the talents and resources of the workforce will be fully utilised to maximise the efficiency of the Company.
Equality of opportunity, valuing diversity and compliance with the law is to the benefit of all individuals in our Company as it seeks to develop the skills and abilities of its people. While specific responsibility for eliminating discrimination and providing equality of opportunity lies with managers and supervisors, individuals at all levels have a responsibility to treat others with dignity and respect. The personal commitment of every employee to this policy and application of its principles are essential to eliminate discrimination and provide equality throughout the Company.
Our commitment as an employer
The Company is committed to:
creating an environment in which individual differences and the contributions of our staff are recognised and valued entitling every employee, worker or self-employed contractor to a working environment that promotes dignity and respect to all. No form of intimidation, bullying or harassment will be tolerated providing training, development and progression opportunities to all staff understanding equality in the workplace is good management practice and makes sound business sense
reviewing all our employment practices and procedures to ensure fairness.
Our commitment as a service provider
The Company is committed to:
providing services to which all clients are entitled regardless of age, disability, gender reassignment, marriage and civil partnership, pregnancy or maternity, race, religion or belief, sex or sexual orientation, offending past, caring responsibilities or social class
making sure our services are delivered equally and meet the diverse needs of our service users and clients by assessing and meeting the diverse needs of our clients
fully supporting this policy by senior management and ensuring agreement has been reached with employee representatives
selecting those for employment, promotion, training, or any other benefit purely on the basis of aptitude and ability
monitoring and reviewing this policy annually
having clear procedures that enable our clients, candidates for jobs and employees to raise a grievance or make a complaint if they feel they have been unfairly treated
treating breaches of our equality and diversity policy as misconduct which could lead to disciplinary proceedings
encouraging all staff to come forward with any issues they need Company assistance and understanding with, no matter their background, identity or circumstances, such as if they are victims of domestic abuse or have caring commitments.
Equal opportunity policy statements
ensure that people of all ages are treated with respect and dignity
ensure that people of working age are given equal access to our employment, training, development and promotion opportunities and
challenge discriminatory assumptions about younger and older people.
provide any reasonable adjustments to ensure disabled people have access to our services and employment opportunities
challenge discriminatory assumptions about disabled people and
seek to continue to improve access to information by ensuring availability of loop systems, braille facilities, alternative formatting and sign language interpretation.
challenge racism wherever it occurs
respond swiftly and sensitively to racists incidents and
actively promote race equality in the Company.
challenge discriminatory assumptions about women and men
take positive action to redress the negative effects of discrimination against women and men
offer equal access for women and men to representation, services, employment, training and pay and encourage other organisations to do the same and
provide support to prevent discrimination against transsexual people who have or who are about to undergo gender reassignment.
ensure that we take account of the needs of lesbians, gay men and bisexuals and
promote positive images of lesbians, gay men and bisexuals.
Religion or belief
ensure that employees’ religion or beliefs and related observances are respected and accommodated wherever possible and
respect people’s beliefs where the expression of those beliefs does not impinge on the legitimate rights of others.
Pregnancy or maternity
ensure that people are treated with respect and dignity and that a positive image is promoted regardless of pregnancy or maternity
challenge discriminatory assumptions about the pregnancy or maternity of our employees and
ensure that no individual is disadvantaged and that we take account of the needs of our employees’ pregnancy or maternity.
Marriage or civil partnership
ensure that people are treated with respect and dignity and that a positive image is promoted regardless of marriage or civil partnership;
challenge discriminatory assumptions about the marriage or civil partnership of our employees and
ensure that no individual is disadvantaged and that we take account the needs of our employees’ marriage or civil partnership.
We will prevent discrimination against our employees regardless of their offending background (except where there is a known risk to children or vulnerable adults).
We will ensure that all employees, male or female, have the right to the same contractual pay and benefits for carrying out the same work, work rated as equivalent work or work of equal value.
The Company recognises the dangers of unconscious bias arising at work, which is where an opinion is formed on an individual by a manager or colleague without them necessarily being aware, they have formed it.
There are many different forms of unconscious bias, ranging from an affinity towards those of a similar background to placing too much significance on what has been identified as a negative trait.
The organisation will work against forms of unconscious bias in all decisions taken for employment, including recruitment, promotion and training opportunities, with a focus on promoting diversity and inclusion.
Meducate Academy Health and Safety Policy Statement
The Management of Meducate Academy; incorporating all areas of the business, regard the promotion of Health & Safety measures as an absolute requirement for management and employees at all levels.
The company is committed to:
Identifying hazards within or arising out of its undertaking and to taking all reasonably practicable steps to eliminate or otherwise reduce to an acceptable level, risks of injury and ill health to its employees and others who may be exposed to such hazards.
Complying with current legislation in regards to matters that relate to occupational health and safety.
Developing an occupational health and safety management system that is compatible with UK best practice and implementing the system across all sectors of its business.
Ensuring continual improvement within its occupational health and safety management system and the occupational health and safety performance of its undertaking.
Primary responsibility for setting occupational health and safety objectives and reviewing occupational health and safety performance resides with the Managing Director and the senior management of the company.
It is the Company’s aim to promote, set and maintain the highest standards for health, safety and welfare matters. This will be achieved by:
providing adequate control of the health and safety risks arising from the work activities;
consulting with employees on matters affecting health and safety;
providing and maintaining safe plant and equipment;
ensuring safe handling and use of substances;
providing information, instruction and supervision for employees;
ensuring all employees are competent to do their tasks;
preventing accidents and cases of work-related ill health;
maintaining safe and healthy working conditions; and
reviewing and revising this policy as necessary at regular intervals.
The company will endeavour to eliminate any hazards which may result in personal injury, industrial illness, fire, security losses, property damage or harm to the environment.
This Group Health and Safety Statement shall be reviewed annually by the Directors or more frequently as circumstances require
Security Policy Statement
Information processing is a large part of our business processes and we must protect the integrity of our data and perhaps more crucially the people involved in the day to day handling and management of the data.
Information security is primarily about people but is facilitated by the appropriate use of technology. Important factors are:
Assurance that information is managed appropriately, securely and in a consistent and corporate way
Assurance that we as an organisation provide a secure, safe environment for the management of information used in delivering our services
Assurance that information is accessible only to those authorised to have access
Clarity over rules and responsibilities of staff in regard to information security
Ensure that risks are identified and appropriate controls are implemented and documented
Regulators are identified and appropriate access to information is given in a timely and lawful manner
It is important therefore that all staff understand and comply with all requirement of this policy in their day to day handling of information. Further, what procedures, standards or protocols exist for the sharing of information with others; and perhaps most importantly, how to report as suspected breach of information security, intentionally or otherwise.
Within this organisation the following is in place:
Access to I.C.T facilities are restricted to authorised users who have business needs to use such facilities, which are password protected.
Access to written data such as personal or client information is on a need to know basis.
Equipment inventories are established and reviewed at regular intervals.
Computer and Network management is regularly reviewed including back-up off site where applicable.
Regular virus checks are in place to prevent malicious incident.
No staff are allowed to install software by any means, without the approval of a director.
Regular monitoring of I.C.T. use (including telephone communications) is available to the organisation.
This is covered during Induction under good governance and staff are aware of their responsibilities from the beginning of their employment.
Modern slavery Policy
This statement applies to Meducate Academy (referred to in this statement as ‘the Organisation’).
The Organisation considers that modern slavery encompasses:
forced work, through mental or physical threat
being owned or controlled by an employer through mental or physical abuse of the threat of abuse
being dehumanised, treated as a commodity or being bought or sold as property
being physically constrained or to have restriction placed on freedom of movement.
The Organisation acknowledges its responsibilities in relation to tackling modern slavery and commits to complying with the provisions in the Modern Slavery Act 2015. The Organisation understands that this requires an ongoing review of both its internal practices in relation to its labour force and, additionally, its supply chains.
The Organisation does not enter into business with any other organisation, in the United Kingdom or abroad, which knowingly supports or is found to involve itself in slavery, servitude and forced or compulsory labour.
No labour provided to the Organisation in the pursuance of the provision of its own services is obtained by means of slavery or human trafficking. The Organisation strictly adheres to the minimum standards required in relation to its responsibilities under relevant employment legislation.
The Organisation considers its main exposure to the risk of slavery and human trafficking to exist in the supply of temporary labour and we ensure that any suppliers have their own commitment to eradicating modern slavery.
In general, the Organisation considers its exposure to slavery/human trafficking to be relatively limited.
The Organisation carries out due diligence processes in relation to ensuring slavery and/or human trafficking does not take place in its organisation or supply chains, including conducting a review of the controls of its suppliers.
The Organisation has not, to its knowledge, conducted any business with another organisation which has been found to have involved itself with modern slavery.
In accordance with section 54(4) of the Modern Slavery Act 2015, the Organisation has taken the following steps to ensure that modern slavery is not taking place:
reviewing supplier contracts to include termination powers in the event that the supplier is, or is suspected, to be involved in modern slavery
measures in place to identify and assess the potential risks in our supply chains
undertaking impact assessments of our services upon potential instances of slavery
Young Worker and Child Labour Policy
This Policy is intended to help all organisations that are involved in the manufacture or supply of goods to Sentinel Partners, collectively known as suppliers, understand the steps they need to take to protect young workers and to ensure compliance with the United Nations International Labour Organisation’s Conventions relating to child labour.
Meducate Academy defines a young worker as someone under the age of 18 who is legally entitled to work and a child worker as someone under the age of 18 who is not legally entitled to work.
Meducate Academy supports the employment of young workers within its supply chain, provided that adequate precautions are put in place for their protection.
Children must not be involved in the manufacture or supply of goods to Sentinel Partners. Children who are made to work, or who choose to work, are deprived of their rights to a childhood and education and are at risk of endangering their physical, mental and social well-being.
Meducate Academy expects suppliers to monitor their own supply chains and to contact Meducate Academy immediately if they have any concerns regarding young workers or child workers. In return, if instances of child labour are identified, Meducate Academy commits to supporting and working with suppliers to develop responsible solutions that are in the best interests of the children.
Meducate Academy is responsible for communicating this Policy to its suppliers. Meducate Academy suppliers are responsible for its implementation and for making Meducate Academy aware of any issues.
Protecting Young Workers
Young workers between the minimum age of employment and 18 years old can be employed, provided there are adequate precautions to protect them. They must not be employed at night, work overtime or carry out any form of hazardous work.
Meducate Academy supports formal work-based training programs that enable young workers to learn new skills. These programs must be aimed at developing young workers’ skills and experience. Young workers on training programs must be paid at least minimum wage.
Factories must have effective systems in place to check the ages of all recruited employees and must hold copies of official documentation for every worker that verifies their date of birth.
If date of birth documents are not available the employee’s age must be established using other appropriate and reliable methods.
Ensure full compliance with local requirements relating to young workers.
Conduct specific young worker risk assessments to identify any hazardous work or conditions.
Ensure young workers are not engaged in night work, hazardous work or physically demanding work.
Inform the Meducate Academy Management Team of any young workers employed in your supply chain who are under the age of 16.
Do not allow children in production areas under any circumstances.
Child Labour Remediation
Children must not be involved in any part of Meducate Academy supply chain. However, if child labour is found, Meducate Academy commits to continuing its business relationship with the supplier and providing them with support to develop responsible solutions that are in the best interests of the children.
If a child worker is present at a site, or involved in off-site production, the supplier must:
Minimise the risk to the children by removing them from the production area or, if the children are working from home, stopping their work.
Immediately inform Meducate Academy Management Team.
While a remediation programme is being developed, the site should not dismiss the children and should continue to pay wages. Under no circumstances should the children continue to work or be present in a production area during this period.
Meducate Academy responsibilities
If child workers are found in the Meducate Academy supply chain, Meducate Academy will seek to work in partnership with the supplier and appropriately qualified organisations to develop a responsible solution that is in the best long-term interests of the children. Such programmes will be based on available best practice and will seek to meet the educational, social and economic needs of the children concerned. This will include:
Providing protection for the children’s immediate safety and welfare.
Understanding the economic and social reasons for employing children.
Developing a remediation plan that secures the children’s education and right to a childhood.
Evaluating alternative ways of supporting the children financially.
Ongoing monitoring of the children’s welfare.
If you have any concerns or questions regarding young or child workers, please contact the Meducate Academy Management Team.
ite. The sky is the limit.