PRIVACY POLICY

Privacy Policy

Oldercare (Haslemere) Limited provide services regulated by the Care Quality Commission at St Magnus Hospital and Rosemary Park Nursing Home.

Oldercare Limited is committed to complying with the General Data Protection Regulation and the Data Protection Act 2018.

Looking after the personal information you share with us is very important, and we want you to be confident that your personal data is kept safely and securely and to understand how we use it.

We have published this notice to help you understand

  • how and why Oldercare collect information from you;
  • who we share your information with, why and on what basis;
  • what your rights are.If we make changes to this notice it will be updated on our website. Oldercare is the ‘Data Controller’ of the personal data you provide to us, and we will sometimes refer to ourselves in this notice as “we” or “us”. By Data Controller, this means we determine the purposes and way in which any personal data are, or will be, processed.Should you need to contact us please write to:
    Data Protection Officer
    St Magnus Hospital and Rosemary Park Nursing Home Marley Common
    Marley Lane, Haslemere, Surrey. GU27 3PX

What information do we collect and why?

Oldercare is committed to abiding by the data protection legislation which states that all personal information collected and held is done so in accordance with the following principles:

  1. used lawfully, fairly and in a transparent way;
  2. collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes;
  3. relevant to the purposes we have told you about and limited only to those purposes;
  4. accurate and kept up to date;
  5. kept only for as long as necessary for the purposes we have told you about; and
  6. kept securely.

We collect information about you in order to be able to give you the best health care and support and to otherwise fulfil our obligations to you (for example if you are paying for our services and in the case of suppliers and employees).

The types of information we might collect about you:

  • Personal identifiers such as name, address, date of birth, National Insurance number
  • Contact details including phone number and email address, where applicable.
  • Financial information such as your bank account details
  • Support contact details: of your family, relatives and carers
  • Your likes and dislikes: for example food and hobbies to help us improve your care
  • Visual images: such as using CCTV in public areas.Health and other special category information we collect:
  • Notes and reports about your health, treatment and care and results of investigations and tests
  • Any relevant information from other health and social care professionals, who are, or have been, involved in your care including General Practices (GPs), Acute hospitals, Ambulance services, Clinical Commissioning Groups, NHS England, Dental, Community, Pharmaceutical and Mental Health Services, Walk-in Centres, Nursing Homes, and others including family and carers.
  • Offences and alleged offences, criminal proceedings, outcomes and sentences
  • Sexual life
  • Details about you such as racial or ethnic origin, gender, occupation, lifestyle and social circumstances, religion or similar belief
  • Information may be collected from other non-NHS organisations with whom you may also be receiving care such as social care organisations and partner services e.g. Alzheimer’s Society and Local Authorities.Information about you may also be needed for the following reasons:
  • To investigate complaints, incidents or legal claims
  • To ensure that Oldercare receives funding from its commissioners to pay for your care
  • To prepare statistics on our performance in order to manage, improve and extend the services we are able to provide to you via the CCG commissioners, including providing anonymous data sets to NHS Digital
  • We might occasionally use your anonymised information for research with your explicit consent

How do we use your information?

Data Protection says that we can only use and share your personal data where we have a proper reason to do so.

We may use your information in the following ways:

  • For the purposes of delivering health and social care for residents and patients
  • For research, with the proper permissions
  • For commissioning and service planning purposes
  • For regulatory and public health purposes
  • For employment purposes

Where do we get your information from?

We will collect and record information about you from a variety of sources including:

  1. from you directly ahead of your admission and during the course of your stay with us
  2. from your friends and relatives who provide us with information about you
  3. from anyone who has the authority to act on your behalf such as a power of attorney or deputy
  4. from healthcare professionals such as your GP, the organisation who refers you to us and officers in the local authority/ social services department

Who we share your information with and why

We will share your information with those health and care professionals who are directly involved in your care when they need to know.

There may also be situations where we need to share your personal information with other individuals and organisations outside of this, for example if someone’s health or safety is at risk or if we are required to by law. These may include:

  1. Healthcare, social and welfare organisations: Where it is lawful and necessary to do so, we will share information about you with other healthcare providers such as your GP, hospital staff, etc.
  2. Our commissioners and regulators: We may share your personal data with these public bodies when we are required to do so by law.
  3. Police forces and other law enforcement agencies: In limited circumstances, we may be required to share your personal data with the police if required for the purposes of criminal investigations and law enforcement.
  4. IT support and other service suppliers: We might use external IT providers who may have access to your personal data from time to time as is necessary to perform their services.
  5. Attorneys: We may share your personal information with an individual who has legal authority to act on your behalf such as those granted power of attorney.

 Oldercare work within the guidelines set out by data protection legislation as well as NHS healthcare guidelines, such as the NHS Caldicott principles.

Transfers to third countries
If you visit one of our websites we may collect and transfer your IP address to Google Analytics.

How long we keep your information

If we collect your personal information, the length of time we retain it is determined by several factors including the purpose for which we use that information and our obligations under other laws.

For healthcare purposes, and particularly mental health, these records need to be kept for long periods of time. These periods are guided by the NHS Digital retention schedule for 2016.

We may need your personal information to establish, bring or defend legal claims. For this purpose, we may retain your personal information after the date it is no longer needed by us for any of the purposes listed under How we use your information above. The only exceptions to this are where:

  • the law requires us to hold your personal information for a longer period, or delete it sooner;
  • you exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the law

What are your rights?

Under certain circumstances you have the following rights regarding your personal information:

  • Right to be informed -to be advised how your information is collected and used
  • Right of access –to request access to your personal information and information about how we process it
  • Right to rectification –to have your personal information corrected if it is inaccurate and to have incomplete personal information completed
  • Right to erasure (also known as the Right to be Forgotten) – to have your personal information erased.
  • Right to restriction of processing – to restrict processing of your personal information
  • Right to data portability – to electronically move, copy or transfer your personal information in a standard form
  • Right to object – to object to the processing of your personal information
  • Rights with regards to automated individual decision making, including profiling –rights relating to automated decision making, including profiling

If you wish to exercise any of these rights please contact our Data Protection Officer.

Complaints

You have the right to complain to the Information Commissioner’s Office (the “ICO”) if you are not satisfied with the way we use your information, however you are encouraged to contact us in the first place and we will endeavour to answer any questions and resolve any issues you have.

You can contact the ICO by writing to Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

Employee Privacy Policy

Oldercare Limited is committed to complying with the General Data Protection Regulation and the Data Protection Act 2018.

Oldercare holds and process personal data about prospective, current and former employees, including temporary workers.

We have published this notice to help you understand

  • how and why Oldercare collect information from you;
  • who we share your information with, why and on what basis;
  • what your rights are. If we make changes to this notice it will be updated on our website. Oldercare is the ‘Data Controller’ of the personal data you provide to us, and we will sometimes refer to ourselves in this notice as “we” or “us”. By Data Controller, this means we determine the purposes and way in which any personal data are, or will be, processed.

What information do we collect and why?

The information we might collect and hold about you:

  • Personal identifiers such as name, address, date of birth, National Insurance number, copies of your passport/visa, professional registrations.
  • Contact details including phone number and email address.
  • Financial information such as your bank account details.
  • Family and circumstances details such as emergency contact and your partner if shared parental leave is requested
  • Education and work history such as qualifications and skills
  • Information about your job and contract such as hours, dates, leave taken, salary
  • Information about your job performance such as performance appraisals and any disciplinary/grievance procedures
  • Visual images: such as using CCTV in public areas and photographs 

    Health and other special category information we may collect:

  • Details of any periods of leave related to health or family leave etc.
  • Any health disabilities
  • Biometric data (fingerprints)
  • Any offences and alleged offences, criminal proceedings, outcomes and sentences
  • Your fitness to practice in professions that are regulated
  • Details about you such as racial or ethnic origin, gender, sexual orientation, lifestyle and social circumstances, religion or similar belief, Trade union affiliations

How do we use your information?

Data Protection says that we can only use and share your personal data where we have a proper reason to do so.

We process some of your data

  • For the performance of a contract of employment with you
  • To comply with a relevant legal obligation
  • In Oldercare’s legitimate interest
    We process some special category data f
    or the performance of our obligations in relation to employment

Exceptionally we may process and share information about you in your vital interest, for example in a medical emergency.

Where do we get your information from?

We will collect and record information about you from a variety of sources including:

  • from you directly ahead of your employment and during the course of your job application
  • from you when you commence employment with us
  • from you during the course of your employmentData we receive from third parties about you may include:
  • Referees
  • Organisations you have named as part of your application
  • HMRC
  • Pension scheme providers
  • DBS

Who we share your information with and why

  • Other employees of Oldercare including HR, education, finance, IT and security departments in order to administer your employment, provide you with required training and the tools and facilities to do your job.
  • Your line manager in order to facilitate performance management and promotions
  • HMRC in order to meet our statutory obligation
  • Pension scheme providers in order to enrol you in a pension scheme and ensure contributions are correct
  • DBS when we need to perform criminal record check
  • The Home Office in connection with UK visas and immigration
  • When necessary the police or other law enforcement agencies
  • When necessary internal and external auditors
  • When necessary to third parties requesting a reference with your consent

 How long we keep your information

  • If we collect your personal information, the length of time we retain it is determined by several factors including the purpose for which we use that information and our obligations under other laws. We may need your personal information to establish, bring or defend legal claims. For this purpose, we may retain your personal information after the date it is no longer needed by us for any of the purposes listed under How we use your information above. The only exceptions to this are where:
  • the law requires us to hold your personal information for a longer period, or delete it sooner;
  • you exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the lawWhat are your rights? Under certain circumstances you have the following rights regarding your personal information:
  • Right to be informed -to be advised how your information is collected and used
  • Right of access –to request access to your personal information and information about how we process it
  • Right to rectification –to have your personal information corrected if it is inaccurate and to have incomplete personal information completed
  • Right to erasure (also known as the Right to be Forgotten) – to have your personal information erased.
  • Right to restriction of processing – to restrict processing of your personal information
  • Right to data portability – to electronically move, copy or transfer your personal information in a standard form
  • Right to object – to object to processing of your personal information
  • Rights with regards to automated individual decision making, including profiling –rights relating to automated decision making, including profiling
    If you wish to exercise any of these rights please contact our Data Protection Officer.

Complaints

You have the right to complain to the Information Commissioner’s Office (the “ICO”) if you are not satisfied with the way we use your information, however you are encouraged to contact us in the first place and we will endeavour to answer any questions and resolve any issues you have.

You can contact the ICO by writing to Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

When you submit an enquiry via our website

When you submit an enquiry via our website, we will ask you for your email address. We use this information to respond to your query, including providing you with any requested information about our services. We may also email you after your enquiry in order to follow up on your interest and ensure that we have answered it to your satisfaction.

Your enquiry is stored and processed by the reception staff who send the email to the most appropriate manager in the organisation. The manager will respond to the enquiry and will retain the enquiry data in line with our Records Retention Policy for any files processed outside of the email system and depending on the nature of the data.

We do not use the information you provide to make any automated decisions that might affect you.

Our email system will keep enquiry emails for two years, after which they are securely archived and kept for seven years, when we delete them.

Purposes for which we use your personal data

Any personal data relating to you gathered by us, during your use of this website will be solely used in accordance with our Privacy Policy.

Any personal data we collect during any visit to this website is designed to allow us to personalise the information you see and give you faster and clearer access to the right kinds of information.

If you request further information or contact us we may keep a record of that correspondence and incorporate the information it contains into our database(s).

We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.

Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.

To deal with a general enquiry or specific enquiry.

(a) Identity

(b) Contact

(a) Consent

(b) Necessary for our legitimate interests (recruitment and to communicate with our customers, partners and other third parties)

Your right to complain

If you have a complaint about our use of your information, we would prefer you to contact us directly in the first instance so that we can address your complaint. However, you can also contact the Information Commissioner’s Office via their website at www.ico.org.uk/concerns or write to them at:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Updates to this Privacy Policy

We regularly review and, if appropriate, update this privacy policy from time to time, and as our services and use of personal data evolves. If we want to make use of your personal data in a way that we haven’t previously identified, we will contact you to provide information about this and, if necessary, to ask for your consent.

We will update the version number and date of this document each time it is changed.

February 2019 V5.1

MAKE A
REFERRAL

ST MAGNUS
NEWS

GET IN TOUCH
WITH US

SIGN UP TO OUR NEWSLETTER

  • This field is for validation purposes and should be left unchanged.

Start typing and press Enter to search