Privacy statements

In this section you can learn about how we manage our legal responsibilities in respect of information.

The UK General Data Protection Regulations (GDPR) forms part of the data protection regime in the UK, together with the Data Protection Act 2018 (DPA 2018) both of which applied from 25 May 2018. The Information Commissioner’s Office provides useful information about the new legislative framework which can be accessed by clicking on the following web links:

  • Guide to UK GDPR.
  • Guide to DPA 2018.

 

Data protection officer. (DPO)

One of the requirements of the legislation is to have a nominated Data Protection Officer. Our Data Protection Officer can be contacted via [email protected].

How your information is used.

Our Privacy Notice tells you about information we collect and hold about you, what we do with it, how we look after it and who we might share it with. It covers information we collect directly from you or receive from other individuals or organisations.

The UK GDPR provides the following rights for individuals:

  • The right to be informed.
  • The right of access.
  • The right to rectification.
  • The right to erasure.
  • The right to restrict processing.
  • The right to data portability.
  • The right to object.
  • Rights in relation to automated decision making and profiling.

 

Our Privacy Statements provide additional details beyond our standard privacy notice, outlining the specific data we gather and retain about you, our procedures for handling it, and the parties with whom we may share it. This encompasses information obtained directly from you as well as data received from other individuals or organisations.

Privacy statements

Information about care providers, registered persons, and employees.

Information about our associates and new applicants.

Information about people who use our website

Information about people who use services and the public

How we may access and use your personal and medical records

Our client providers may require us to access sensitive information through the course of providing front line support – including personal and medical records.

For example, we may be required to supply clients with locum staff (replacement staff in the instance of staff shortages) and they will be exposed to care planning, consent, cooperating with other providers, and management of medicines.

If you do not want us to look at your personal information if providing locum services, you can tell your care provider. They can mark your records to show that you do not want us to see them, but this may result in a delay to accessing services or certain other requests, such as medical enquiries.

If we know that you don’t want us to look at your information as part of our locum services, we will respect your wishes, other than in rare circumstances which are explained in our Code of Practice on Confidential Personal Information.

Other information we receive from care services

Providers and managers of care services seeking our support will tell us about certain events and incidents, including where they have received allegations of abuse, or where someone using the service is seriously injured. Organisations also provide us with statistics including the number of complaints they have received.

This information will usually be anonymous, but we may ask for more information subject to our client’s requirements.

We sometimes look at records containing personal data, such as records relating to the handling of complaints. We only do this with the consent of our client and all the usual confidentiality disclaimers are completed.

We receive information from people who use our client providers, their families, friends and carers. For example, we may ask people to share their experiences of care with us. We also talk to people during on-site activity and receive letters, emails, telephone calls, comment cards and survey responses in which people tell us information pertaining to their service received. These often contain personal data.

Data and statistics

We may also receive data from NHS Digital, the trusted national provider of high-quality information, data and IT systems for health and social care.

We use these sources of data that contain personal information:

  • Community health data.
  • Emergency care data.
  • Maternity data.
  • Mental health data.
  • Hospital episode data.
  • Office of National Statistics (ONS).
  • Recent CQC report data.

 

You can find out more information about what we hold and how we use these sources on the NHS Digital registers of approved data releases. Some of this information is unique to a person (for example, local patient identifier), while postcode cannot uniquely identify a person, but all data is stored and processed with the same robust security applied to identifiable data.

Scroll to Top