Protecting Your Personal Information: a guide for residents...
Personal information describes anything which can be used to identify a person as an individual. A name by itself is not considered as such, but where, for example, that name appears alongside an address, telephone number or a photograph, then this is something that, as a business, we are obliged to handle in a responsible way. Examples of personal information that we hold about you on a permanent basis include: your contact details and those of your next of kin; health records; personal preferences and financial information. Examples of personal information we hold about you on a temporary basis include: records relating to the use of our IT networks & CCTV records and telephone voice messages.
As part of your health records, we may well hold personal information that you would consider ‘sensitive’. Where such information is processed by the business, in order to provide you with an effective and service, it is only done so in ways that you expect, using no more information than is necessary by a limited number of staff who have had appropriate training and follow approved procedures. This information is retained for no longer than considered necessary before being destroyed in a responsible and accountable manner. If your information is considered for use for a purpose different to the one it was originally collected, then your explicit consent will be sought. Examples of sensitive personal information we hold about you on a permanent basis include: certain health records, complaints & financial information.
All staff are given training in the principles of data protection and the Company has policies and procedures relating to the safeguarding of all personal information, whether such data belongs to our residents, visitors or staff themselves. Where we hold personal information about you, it is done so to standards that meet current legislation and satisfy the requirements of the NHS. Where third-party service providers and other businesses are contracted to work with us, their contractual terms require the same standards of confidentiality as our own.
Your personal information, as standard, will be held by us for a period of of 6 years following the end of your stay with us after which it will be securely destroyed or rendered non-identifiable. Any remaining information is held beyond this date for the historical record of the Company. Further details of our Document Retention Schedule is available as part of the Information Governance Handbook.
You are legally entitled to see copies of all personal information that we hold about you and to ask for any errors to be be corrected. In certain circumstances you may be able to have your personal information permanently erased, or its’ processing restricted. This would be done through a process known as a Subject Access Request, details of which are explained in a separate Advice Notice – Subject Access Requests.
If you have any reason to believe that Birtley House has not dealt correctly with your information, please contact Tim Whalley. If you are still not satisfied, you should contact the Information Commissioner’s Office at Wycliffe House, Water Lane, Wilmslow, SK9 5AF.