This is Rayner House & Yew Trees Limited Privacy Notice.
As part of the services we offer, we are required to process personal data about our staff, our residents/service users and, in some instances, the friends or relatives of our residents/service users and staff. “Processing” can mean collecting, recording, organising, storing, sharing or destroying data.
We are committed to being transparent about why we need your personal data and what we do with it. This information is set out in this privacy notice. It also explains your rights when it comes to your data.
If you have any concerns or questions please contact us on 0121 705 9293 or by email to This email address is being protected from spambots. You need JavaScript enabled to view it. or This email address is being protected from spambots. You need JavaScript enabled to view it..
What data do we have?
So that we can provide a safe and professional service, we need to keep certain records about you. We may process the following types of data:
We also record the following data which is classified as “special category”:
Why do we have this data?
We need this data so that we can provide high-quality care and support. By law, we need to have a lawful basis for processing your personal data.
We process your data because:
We have a legal obligation to do so – generally under the Health and Social Care Act 2012 or Mental Capacity Act 2005.
We process your special category data because
We may also process your data with your consent. If we need to ask for your permission, we will offer you a clear choice and ask that you confirm to us that you consent. We will also explain clearly to you what we need the data for and how you can withdraw your consent at any time.
Where do we process your data?
So that we can provide you with high quality care and support we need specific data. This is collected from or shared with:
We do this face to face, via phone, via email, via our website, via post, via application forms, via apps.
Third parties are organisations we might lawfully share your data with. These include:
What data do we have?
So that we can provide a safe and professional service, we need to keep certain records about you. We may record the following types of data:
We also record the following data which is classified as “special category”:
As part of your application you may – depending on your job role – be required to undergo a Disclosure and Barring Service (DBS) check (Criminal Record Check). We do not keep this data once we’ve seen it.
Why do we have this data?
We require this data so that we can contact you, pay you and make sure you receive the training and support you need to perform your job. By law, we need to have a lawful basis for processing your personal data.
We process your data because:
We process your special category data because
If we request your criminal records data it is because we have a legal obligation to do this due to the type of work you do. This is set out in the Data Protection Act 2018 and the Rehabilitation of Offenders Act 1974 (Exceptions) Order 1975. We do not keep a record of your criminal records information (if any). We do record that we have checked this.
We may also process your data with your consent. If we need to ask for your permission, we will offer you a clear choice and ask that you confirm to us that you consent. We will also explain clearly to you what we need the data for and how you can withdraw your consent.
Where do we process your data?
As your employer we need specific data. This is collected from or shared with:
We do this face to face, via phone, via email, via our website, via post, via application forms, via apps.
Third parties are organisations we have a legal reason to share your data with. These include:
What data do we have?
As part of our work providing high-quality care and support, it might be necessary that we hold the following information on you:
Why do we have this data?
By law, we need to have a lawful basis for processing your personal data.
We process your data because we have a legitimate business interest in holding next of kin and lasting power of attorney information about the individuals who use our service and keeping emergency contact details for our staff.
We may also process your data with your consent. If we need to ask for your permission, we will offer you a clear choice and ask that you confirm to us that you consent. We will also explain clearly to you what we need the data for and how you can withdraw your consent.
Where do we process your data?
So that we can provide high quality care and support we need specific data. This is collected from or shared with:
We do this face to face, via phone, via email, via our website, via post, via application forms, via apps.
Third parties are organisations we have a legal reason to share your data with. These may include:
In order to provide you with the best experience while using our website, we process some data about you.
You can download our Retention and Destruction SORP here.
The data that we keep about you is your data and we ensure that we keep it confidential and that it is used appropriately. You have the following rights when it comes to your data:
You may need to provide adequate information for our staff to be able to identify you, for example, a passport or driver’s licence. This is to make sure that data is not shared with the wrong person inappropriately. We will always respond to your request as soon as possible and at the latest within one month.
If you would like to complain about how we have dealt with your request, please contact:
Information Commissioner’s Office
Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
https://ico.org.uk/global/contact-us/
In line with the recommendations made by the National Data Guardian in her ‘Review of Data Security, Consent and Opt-outs’, the national data opt-out was introduced for health and social care systems on 25 May 2018. This is intended to give patients and the public more control over how their confidential patient information is used for research and planning purposes.
The Government response to the review set out that all health and adult social care organisations in England must comply with the national data opt-out policy by July 2022.
What is the national data opt-out?
It is a service that enables the public to register to opt out of their confidential patient information being used for purposes beyond their individual care and treatment. The public can change their national data opt-out choice at any time.
In summary the national data opt-out applies to:
Which data disclosures do national data opt-outs apply to?
National data opt-outs apply to a disclosure when an organisation, e.g. a research body, confirms they have approval from the Confidentiality Advisory Group (CAG)* for the disclosure of confidential patient information held by another organisation responsible for the data (the data controller) such as an NHS Trust.
The CAG approval is also known as a section 251 approval and refers to section 251 of the National Health Service Act 2006 and its current Regulations, the Health Service (Control of Patient Information) Regulations 2002. The NHS Act 2006 and the Regulations enable the common law duty of confidentiality to be temporarily lifted so that confidential patient information can be disclosed without the data controller being in breach of the common law duty of confidentiality.
In practice, this means that the organisation responsible for the information (the data controller) can, if they wish, disclose the information to the data applicant, e.g. research body, without being in breach of the common law duty of confidentiality. To be clear it is only in these cases where opt-outs apply.
National data opt-outs do not apply where:
In these scenarios above, section 251 approvals would not have been sought.
* The Confidentiality Advisory Group (CAG) is an independent body which provides expert advice on the use of confidential patient information.
Rayner House Care,
3-5 Damson Parkway,
Solihull B91 2PP.
Website Designed By Hotlobster Design Ltd