Privacy Notice

Introduction

The purpose of this privacy notice is to ensure personal data processed by Springcare Ltd is done so in a lawful, fair and transparent way in relation to the data subject and that individuals are well informed about the collection and use of their personal data.

Springcare Ltd are a limited company registered in England under company number 01588942. Our registered office is Nicholson House, Shakespeare Way, Whitchurch, Shropshire SY13 ILJ.

Springcare Ltd is registered with the Information Commissioners Office as a data controller (ICO) with number Z3363995 and we also hold individual registrations for each company in the Springcare group. Lee Cox, Managing Director is the nominated data protection officer and can be contacted on dpo@springcare.org.uk

We are regulated by the Care Quality Commission (CQC) in England.

What is personal data?

Personal data is another way to describe personal information. It is any information that is about you that allows you to be identified. Personal data covers simple information such as your name, email, phone number, but can also include details such as reference numbers, location and other identifiers used by computers.

What information do we collect about you?

Springcare Ltd may collect the following personal information about you:

  • Basic information such as name, date of birth, address, phone number and email – contact data
  • Financial information such as how your care is paid for and any past payments made –financial data
  • Information about you and your family such as your next of kin, your partner or spouse, children and how to get in touch with them – third party data
  • Information about your preferences, likes, dislikes, hobbies and interests – resident data
  • Visual images such as copies of identification and photographs of you;
  • Information we receive from other sources such as GP,s social workers and other healthcare professionals;
  • Dates and times of visits that your family have made to you;
  • Letters we have sent to your family about you.
  • Information about how you use our website or other technology including IP addresses or other device information – technical data
  • Any enquiries you have made with us / printed newsletters, brochures, telephone, email, social media, intranet, staff communications – marketing data

Collecting sensitive data about you

Springcare Ltd may also need to collect some information about you which is particularly sensitive. This type of information is called special category personal data whereby the law states that we can only collect and use this kind of information for very specific legal reasons, such as providing your care or supporting other organisations with their enquiries such as safeguarding or the police.

Types of special category personal data that Springcare may collect and use:

  • Information about your heath that is used to provide you with appropriate care and treatment when living in our care homes
  • Information about your views and beliefs
  • Information about your cultural identity
  • Information about your relationships
  • Information that is about who you are

We may also need to collect your data from other people such as:

  • National regulators
  • The National Health Service(NHS), your doctor and healthcare providers
  • Organisations such as the local authority who are responsible for funding and organising your care
  • The Emergency Services

How do we use information about you?

We need to use personal information to ensure we are delivering the most appropriate safe care and support to our residents, The information we use will sometimes be held on a computer , hand held electronic device or as a paper record.

People will only be allowed to access your information when they have the correct level of authorisation to do so.

Your personal information can be used for any of the following purposes:

  • Disclosing information to an appropriate regulator to inform them of
  • certain incidents as required under the law;
  • Communicating with you such as responding to emails or calls etc
  • Disclosing information to your employer should your behaviour fail to meet
  • acceptable standards
  • Disclosing information to a Coroner, the Police or Safeguarding where they need to conduct a formal investigation;
  • Supplying you with information by email and/or post that you have opted into (you may opt out at any time by contacting us).

Legal reasons for obtaining and using your personal information.

Springcare Ltd must have a legal reason to collect and use your information. We will use different reasons, depending upon its purpose. This must be explained to you when, or as soon as possible after, we collect your information, or when it is given to us by someone else.

  • The reasons we use are:
  • To comply with our legal obligations with regards to health and safety;
  • To protect your life in an emergency;
  • To act in the public interest;
  • To fulfil Springcare accepted interests;
  • We have your permission to use your information.

Where Springcare must use information that is particularly sensitive, we must have additional legal reasons to collect and use your information.

These are:

  • In order to protect the health and safety of everyone, including you;
  • In order to protect your life when you cannot give permission;
  • In order to act in a significant public interest, such as safeguarding;
  • In order to allow fairness in legal matters;
  • We have explicit consent to use your information

Sharing your personal information

On occasions, Springcare may be asked to give your personal information or need to collect it from other organisations. These can include:

  • Your current or previous employer
  • Local authorities or Clinical Commissioning Groups;
  • National regulators;
  • Your Doctor;
  • The Emergency services.

Any companies we employ who use your personal information are responsible to you through legal agreements with Springcare around Data Protection such as:

  • Care Quality Commission (England)
  • Disclosure & Barring Service (England & Wales) –
  • Health & Safety Executive
  • Information Commissioners Office
  • NHS England
  • Nourish Care, Allocate, Wagestream, E-Meds – software providers
  • Shoga – website management
  • TV licencing
  • Electoral register
  • Organisations with a function of auditing/ administering funds for the purpose of detection and prevention of fraud

Do you have to consent to the use and sharing of information?

Springcare will only seek consent/permission to collect, use and share your personal information where you have freedom of choice about how your information is used, such as when you are completing a survey or questionnaire.

Where you do not have such freedom over how your information is used, we will use a different legal reason to collect, use and store your information.

If you decide not to provide us with your information, this can make it difficult for the Company to assist you during your interactions with us.

National Data Opt- Out

The national data opt-out gives everyone the ability to stop health and social care organisations from sharing their confidential patient information for reasons other than providing their individual care and treatment. The national data opt-out only applies where the data processing relies upon Regulation 5 of the Control of Patient Information Regulations 2002. An example of this would be for participation in research with an University.

Individuals can view or change their national data opt-out choice at any time by using the online service at www.nhs.uk/your-nhs-data-matters or by calling 0300 303 5678 (normal office hours).

It applies to our Springcare as we are a CQC adult registered provider in England but is only relevant where an individual is receiving social care that is provided, arranged or funded (in part of full) by local authorities or the NHS.

Springcare reviews all our data processing on an annual basis to assess if the national data opt-out applies. This would be recorded in our Record of Processing Activities. All new processing is assessed to see if the national data opt-out applies.

The Messaging Exchange for Social Care and Health can be used to check if any of our service users have opted out of their data being used if our data flows were to be used for research/ planning etc

At this current time, we do not share any data for planning or research purposes for which the national data opt-out would apply.

How We use Information

Springcare will be legally required to share certain personal information with a third party by law, and sometimes without your knowledge. For example, we are required by law to tell the care regulators if certain incidents have happened. We will always look to provide this information in a way that reduces any risks to your privacy, but this is not always possible.

Your Rights under Data Protection

Under the law, you have certain rights in relation to your personal information and whereby Springcare must:

  • Respond to your request within one calendar month (unless extended);
  • Respond in a plain and clear language;
  • Be sure as to your identity;
  • Provide the information free of charge (unless it is repeated )
  • Tell you why we are unable to comply with your request;
  • Protect the rights of other individuals.

In summary:

  • The right to know how your information is used
  • The right to obtain copies of your information under a subject access request
  • The right to correct inaccurate information
  • The right to delete your information ( note this right does not apply where Springcare are under a legal obligation to retain your information, there is a public interest in retaining your information, we need to retain your information for public health purposes, or we need to retain your information in case of future legal claims).
  • The right to limit the use of your information
  • Additional rights around being able to transfer your information to another organisation and around a system making automated decisions about you.
  • Springcare does not currently make any automated decisions about you.

Please contact us if you would like to exercise any of your rights by writing to:

Data Protection Officer, Springcare Ltd, Nicholson House, Shakespeare Way, Whitchurch, Shropshire SY13 1LJ or email dpo@springcare.org.uk

Is information sent outside the UK?

We may transfer data between other Springcare Homes and our Head Office. Data will be sent electronically and safely. Transferring of data may also be needed to local authorities and the NHS, this will be done using the NHS secure encrypted email platform or other secure method.

Paper documents such as a Medication Administration Record may need to be passed to ambulance transfer crews in the event of hospital attendance for an planned or unplanned visit. This will be handed to the transfer professional in a sealed envelope.

We do not routinely transfer data outside the European Union (EU), however one exception would be if we need to contact your family member(s) who reside out of the EU. Should this be the case we will do so in line with data protection laws.

How long do we keep your personal data?

Personal information that we are no longer using is kept securely only for as long as it is needed, or is required by law, before being safely destroyed.

The duration for which your personal information is kept will depend on our reason

for collecting it and is defined in Springcare “Records Retention and Destruction

Policy”.

Data security

We apply high security standards to the information we handle (including personal data) to prevent information from being accidentally lost, or used, accessed or disclosed in an unauthorised way. These measures include the use of technology and other precautions such as the control of access to our care homes, offices and systems.

Our IT service providers have secure access to data although strictly limited to IT support and we have contracts in place detailing confidentiality obligations. Our systems are regularly checked to ensure we comply with privacy standards.

Do we use CCTV in our homes?

Springcare currently uses CCTV in some of its care homes in order to provide reassurance to residents and their relatives, protect homes from unlawful intrusion and assist incidents that fall within the scope of safeguarding where concerns have been raised.

Cameras are only to be used in communal areas and our policy and processes are in place to comply with data security.

Social media

Springcare uses social media such as Facebook and Twitter to keep families and the public up to date with what is going on in our homes. We will never use photographs of residents, families or staff without seeking explicit consent to do so.

Complaints

If you have any concerns about the way which we are using your personal information, please contact the Springcare DPO on dpo@springcare.org.uk

A further option to register a complaint is via the Information Commissioners Office on 0303 123 1113 or ICO, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.

Third party links and cookies

 Our website includes links to third party sites and applications such as the Care Quality Commission. Clicking links may allow third parties to collect or share data about you. You should read other statements on other websites carefully.

We also operate cookies on our website which are used to analyse how people view our information. This information is coded data and does include any personal information that could identify you.

Analytics cookies allow us to track the use and performance of our website and services.

Privacy review

Springcare reserves the right to update and amend any of the policy content in line with changes to our business or any regulatory changes which inform our practice.