Privacy Policy

ASHFIELD CARE LTD. (ASHLEY CARE CENTRE)

 

PRIVACY POLICY

The purpose of this notice is to inform you of the type of information (including personal information) that Ashley Care Centre (Ashfield Care Ltd.)  holds, how that information is used, who we may share that information with, and how we keep it secure and confidential.

WHAT WE DO

Ashley Care Centre (Ashfield Care Ltd.) is responsible for planning and designing health services for the residents at Ashley Care Centre. We do this by providing nursing and residential care services at Ashley Care Centre and by liaising with other services like:

  • Hospitals
  • G.P services
  • Rehabilitation care.
  • Community health services.
  • Mental health and learning disability services.

We work with patients and health and social care partners (e.g. local hospitals, local authorities and local community groups etc) to make sure that the residents needs are met. We manage the performance of our services to make sure that they are safe, provide high quality care and meet the needs of our residents. Part of this performance management role includes responding to any concerns from our patients about our services or third-party services.

DATA PROTECTION PRINCIPLES

We will comply with data protection law. This says that the personal information we hold about you must be:

  1. Used lawfully, fairly and in a transparent way.
  2. Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
  3. Relevant to the purposes we have told you about and limited only to those purposes.
  4. Accurate and kept up to date.
  5. Kept only as long as necessary for the purposes we have told you about.
  6. Kept securely.

This Privacy Policy explains how we collect, use and process personal data, and how, in doing so, we comply with our legal obligations. It also details your personal rights to amending, restricting or deleting the personal data that we use.

 Whether we are in the process of recruiting you, assessing you for the purpose of a potential admission, continuing our relationship with you once we have accepted you as a resident or as an employee, providing you with a service, receiving a service from you, or if you are visiting our website, we are committed to providing a transparent service and to protecting and safeguarding your data privacy rights.

If you are dissatisfied with any aspect of our Privacy Policy, you may have legal rights and, where relevant, we have described these rights in this document.

 

 

SERVICE USERS

 

PERSONAL AND CONFIDENTIAL INFORMATION

In order to provide the best possible placement that are tailored to you, we need to process certain information about you. We only collect details that will genuinely help us to cater your needs at the nursing home. The details that are collected at the time of pre-admission assessment or provided to us in addition to this, either in writing or verbally, will be stored. This may include, but is not limited to: your name, contact details, education details, employment history, emergency contacts, gender, marital status, emergency contact details and details of any nearest relatives, nationality, ethnicity, religious beliefs, physical and/or mental capacity, details about your finances, pensions and benefits arrangements, and photographs. There are some specific areas, however, because of our responsibilities, where we do hold and use personal information. In order to process that information, we will have met a legal requirement, in general this is where we have complied with one of the followings:

THE INFORMATION IS NECESSARY FOR DIRECT HEALTHCARE FOR PATIENTS.

  • We have received consent from individuals to be able to use their information for a specific purpose.
  • There is an over-riding public interest in using the information e.g. in order to safeguard an individual, or to prevent a serious crime.
  • There is a legal requirement that will allow us to use or provide information (e.g. a formal court order).
  • For the health and safety of others, for example to report an infectious disease such as meningitis or measles.

THE AREAS WHERE WE USE PERSONAL INFORMATION ARE:

  • Individual Funding
  • Assessments for continuing healthcare assessments
  • Responding to your queries, concerns or complaints
  • Assessment and evaluation of safeguarding concerns for individuals
  • Incident investigations
  • Where we investigate the causes of an infection, sometimes contagious, which may be risk to the public (Post Infection Review)
  • We do not always need to ask for permission to access a person’s information if there is a risk to the public
  • Paying for the treatment or procedure you have received known as Invoice Validation – Information such as your NHS Number, name, address and date of treatment may be used to make sure accurate payments are made to those who provide your care.
  • Records are retained in accordance with the retention and disposal schedule in the Records Management Code of Practice for Health and Social Care 2016.

KEEPING INFORMATION SECURE AND CONFIDENTIAL

All staff have contractual obligations of confidentiality, enforceable through disciplinary procedures. All staff are trained to keep information confidential. Any staff who, because of their role, need to have regular access to personal information, receive additional specialist training.

We take relevant organisational and technical measures to make sure that the information we hold is secure – such as holding information in secure locations, restricting access to information to authorised personnel, protecting personal and confidential information held on equipment such as laptops with encryption.

Ashley Care Centre has a senior person responsible for protecting the confidentiality of patient information and enabling appropriate information sharing. This person is called the Caldicott Guardian. The Caldicott Guardian for Ashley Care Centre is Mr. Amit Patil, Registered Manager.

 HOW DO WE COLLECT YOUR PERSONAL DATA?

There are different ways in which we collect your personal data:

1)      Directly from you: via email, post, fax, verbally and/or

2)      From third parties, such as Social services, G.P surgeries, Hospital, Medical records etc.

HOW DO WE USE YOUR PERSONAL DATA?

Having obtained data about you, we then use it in a number of ways.

  1. Placement at the nursing home

Obviously, our main area of work is providing nursing and residential care for residents with dementia, mental health and general nursing needs. We’ve listed below various ways in which we may use and process your personal data for this purpose, where appropriate and in accordance with any local laws and requirements. Please note that this list is not exhaustive.

1)      Medical or mental health treatment

2)      Storing your details (and updating them when necessary) on our database, so that we can contact you or your nearest relative in case of emergencies and to provide updates

3)      Sending your information to G. P’s, social workers, Councils, IMCA services, or any multidisciplinary health professionals or CQC

We may use your personal data for the above purposes if we deem it necessary to do so for our legitimate interests. If you are not happy about this, in certain circumstances you have the right to object and can contact us at any time.

  1. Equal opportunities monitoring:

We are committed to ensuring that your placement to the nursing home are aligned with our approach to equal opportunities. Some of the data we may (in appropriate circumstances and in accordance with local law and requirements) collect about you comes under the umbrella of “diversity information”. This could be information about your ethnic background, gender, disability, age, sexual orientation, religion or other similar beliefs, and/or social-economic background. Where appropriate and in accordance with local laws and requirements, we’ll use this information on an anonymised basis to monitor our compliance with our equal opportunities policy. We may also disclose this (suitably anonymised where relevant) data to third parties where this is contractually required, or the third party specifically requests such information to enable them to comply with their own processes (eg:- Social services, MASH, CQC, CHC, CCG etc.). This information is what is called ‘sensitive’ personal information and slightly stricter data protection rules apply to it. We therefore need to obtain your explicit consent before we can use it.

WHO DO WE SHARE YOUR PERSONAL DATA WITH?

Primarily we will share your information with (this list is not exhaustive) G.P surgeries, Social Workers, Safeguarding officers, CQC, CCG, and Health professionals directly and indirectly involved in your care. In most cases, your personal data will always remain anonymous. We may also share your data with third party outsourced IT and document storage providers where we have an appropriate processing agreement (or similar protections) in place.

In any instance, Ashfield Care Ltd will subject your data to the utmost protection to prevent unauthorised access, use or disclosure.

 

 

EMPLOYEES

WHAT KIND OF PERSONAL DATA DO WE COLLECT?

If you are one of our Employee or potential Employee, we need to collect and use information about you, or individuals at our organisation, in the course of providing you services such as:

1)      arranging interviews at our organisation;

2)      notifying you of changes to our services

3)      We hold your personal data in respect to your work contact details including: but is not limited to: your name, contact details, education details, employment history, emergency contacts, gender, marital status, emergency contact details and details of any nearest relatives, nationality, ethnicity, religious beliefs, physical and/or mental capacity, details about your finances, pensions and benefits arrangements, and photographs. This is to enable us to ensure that our relationship runs smoothly. We may also hold extra information that someone in your organisation has chosen to tell us.

HOW DO WE COLLECT YOUR PERSONAL DATA?

There are two main ways in which we collect your personal data:

1)                  Directly from you; and

2)                  From third parties, such as from Candidates, an online job board with whom we hold formal contractual agreements for the access to candidate details (and do so under legitimate interest consent) or via a regulatory body that you would be registered with.

WHO DO WE SHARE YOUR PERSONAL DATA WITH?

We will share your personal data such as current work place name, address, and contact details within your work capacity or to external sources in the events of any incidents (eg – safeguarding, police, CQC, POVA etc).

 

HOW WILL WE USE YOUR DATA?

The main reason for collecting your personal details is to ensure that the contractual arrangements between us can properly be implemented i.e. Legitimate Interest.

Depending on the type of personal data in question and the grounds on which we may be processing it, should you decline to provide us with such data, we may not be able to fulfil our contractual requirements or, in extreme cases, may not be able to continue with our relationship.

 

 

SUPPLIERS

WHAT DO WE USE YOUR DATA FOR?

We need a small amount of information from our Suppliers to ensure that things run smoothly. We need contact details of relevant individuals at your organisation so that we can communicate with you. We also need other information such as your bank details so that we can pay for the services you. The processing applied to this data if part of the performance of a contract and therefore supported by the consent provided by our contractual dealings with you as a Supplier.

WE WILL ONLY USE YOUR INFORMATION:

1)      To store (and update when necessary) your details on our database, so that we can contact you in relation to our agreements;

2)      To offer services to you or to obtain support and services from you;

3)      To perform certain legal obligations;

4)      In more unusual circumstances, to help us to establish, exercise or defend legal claims.

We may use your personal data for these purposes if we deem this to be necessary for our legitimate interests. Depending on the type of personal data in question and the grounds on which we may be processing it, should you decline to provide us with such data, we may not be able to fulfil our contractual requirements or, in extreme cases, may not be able to continue with our relationship.

If you are not happy about this, in certain circumstances you have the right to object. Please contact us to do so.

 

 

GENERAL

HOW DO WE SAFEGUARD YOUR PERSONAL DATA?

We are committed to taking all reasonable and appropriate steps that are designed to protect the personal information that we hold from misuse, loss, or unauthorised access. We do this by having in place a range of appropriate technical and organisational measures. These include measures to deal with any suspected data breach. If you suspect any misuse or loss of or unauthorised access to your personal information, please let us know immediately.

HOW LONG DO WE KEEP YOUR PERSONAL DATA FOR?

We will delete your personal data from our systems if we have not had any meaningful contact with you (or, where appropriate, the company you are working for or with) for seven years (or for such longer period as we believe in good faith that the law or relevant regulators require us to preserve your data). After this period, it is likely your data will no longer be relevant for the purposes for which it was collected. For those Candidates whose services are provided via a third-party company or other entity, “meaningful contact” with you means meaningful contact with the company or entity which supplies your services. Where we are notified by such company or entity that it no longer has that relationship with you, we will retain your data for no longer than two years from that point or, if later, for the period of two years from the point we subsequently have meaningful contact directly with you.

HOW CAN YOU ACCESS, AMEND OR TAKE BACK THE PERSONAL DATA THAT YOU HAVE GIVEN TO US?

Even if we already hold your personal data, you still have various rights in relation to it. To get in touch about these, please contact us. We will seek to deal with your request without undue delay, and in any event in accordance with the requirements of any applicable laws. Please note that we may keep a record of your communications to help us resolve any issues which you raise.

 

 

YOUR RIGHTS

Right to object:

If we are using your data because we deem it necessary for our legitimate interests to do so, and you do not agree, you have the right to object. We will respond to your request within 30 days (although we may be allowed to extend this period in certain cases). Generally, we will only disagree with you if certain limited conditions apply.

Right to withdraw consent:

Where we have obtained your consent to process your personal data for certain activities (for example, for profiling your suitability for certain roles), or consent to market to you, you may withdraw your consent at any time.

Data Subject Access Requests (DSAR):

 Just so it’s clear, you have the right to ask us to confirm what information we hold about you at any time, and you may ask us to modify, update or Delete such information. At this point we may comply with your request or, additionally do one of the followings:

  • we may ask you to verify your identity, or ask for more information about your request; and
  • where we are legally permitted to do so, we may decline your request, but we will explain why if we do so.

Right to erasure:

In certain situations (for example, where we have processed your data unlawfully), you have the right to request us to “erase” your personal data. We will respond to your request within 30 days (although we may be allowed to extend this period in certain cases) and will only disagree with you if certain limited conditions apply. If we do agree to your request, we will delete your data.

Right of data portability:

If you wish, you have the right to transfer your data from us to another data controller. We will help with this – either by directly transferring your data for you, or by providing you with a copy in a commonly used machine-readable format.

Right to lodge a complaint with a supervisory authority:

You also have the right to lodge a complaint with your local supervisory authority.

The right to rectification of your personal data

 

OUR LEGAL BASIS FOR PROCESSING YOUR DATA:

LEGITIMATE INTERESTS

Article 6(1)(f) of the GDPR is the one that is relevant here – it says that we can process your data where it “is necessary for the purposes of the legitimate interests pursued by [us] or by a third party, except where such interests are overridden by the interests or fundamental rights or freedoms of [you] which require protection of personal data.”

We don’t think that any of the following activities prejudice individuals in any way – in fact, they help us to offer you a more tailored and efficient service. However, you do have the right to object to us processing your personal data on this basis. If you would like to know more about how to do so, please contact us.

SERVICE USER DATA

To ensure that we provide you with the best service possible, we store your personal data and/or the personal data of individual contacts at our organisation as well as keeping records of our conversations, meetings, and placements. We think this is reasonable – we deem these uses of your data to be necessary for our legitimate interests as an organisation providing Nursing and residential care services.

SUPPLIER DATA:

We use and store the personal data of individuals within your organisation in order to facilitate the receipt of services from you as one of our Suppliers. We also hold your financial details, so that we can pay you for your services. We deem all such activities to be necessary within the range of our legitimate interests as a recipient of your services.

ESTABLISHING, EXERCISING OR DEFENDING LEGAL CLAIMS

Sometimes it may be necessary for us to process personal data and, where appropriate and in accordance with local laws and requirements, sensitive personal data in connection with exercising or defending legal claims. Article 9(2)(f) of the GDPR allows this where the processing “is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity”.

This may arise for example where we need to take legal advice in relation to legal proceedings or are required by law to preserve or disclose certain information as part of the legal process.

 

CONTACT US

Why would you need to contact us?

Apart from contacting us with regards to recruitment activity or maintaining our relationship, you may wish to contact us for a number of reasons in relation to the use of your personal data. This may include:

  • to access, amend or take back the personal data that you have given to us;
  • if you suspect any misuse or loss of or unauthorised access to your personal information;
  • to withdraw your consent to the processing of your personal data (where consent is the legal basis on which we process your personal data);
  • with any comments or suggestions concerning this Privacy Policy
  • to limit our contact with you (phone, text, email)

 

How can you contact us?

By Post:

Ashley Care Centre

Sunnyside

Worksop

Nottinghamshire

S81 7LN

By Email:

Alternatively, you can send an email to: info@ashleycarecentreco.uk

By Phone:

You can contact us by phone at any time on 01909 500541

Why would you need to contact your local supervisory authority?

If you’re not satisfied with our response to any complaint or believe our processing of your information does not comply with data protection law, you can make a complaint to the Information Commissioner’s Office (ICO) using the following details:

How can you contact your local supervisory authority?

By Post:

Information Commissioner’s Office Wycliffe House

Water Lane

Wilmslow

Cheshire SK9 5AF

By Phone:

You can contact the ICO by phone at any time on 0303 123 1113.

 

 

error: Content is protected !!