Adult social care
Adult services and health privacy notice
The Adult Services and Health directorate works under the legal obligations and conditions of both the Principles of the Data Protection Act (DPA) and the Articles of the new European General Data Protection Regulation (GDPR).
Whilst the majority of the GDPR is similar to the DPA, and will be reflected in a new Data Protection Act, there are some critical changes which effect both ourselves as an organisation and you as an individual.
The legal basis for processing your information
Previously we have relied on obtaining consent in order to provide you with social care and health services, although we understand that in many cases there was an expectation on your behalf that the organisations involved would automatically do this.
Article 9 of the GDPR now allows us to do this without consent but only in order to provide you with adult social care services. Whilst this will also cover preventative and sign posting services we will always contact you for your explicit consent if we require your information to be used outside this scope.
We make every effort to keep all the personal data it holds secure, whether held electronically or as paper copies. We also ensure that only members of staff with a legitimate reason to access your information have permission to do so.
Your information will only be kept for a specific amount of time after which it will be securely destroyed.
Even though we are required to share your information with authorised partner organisations, we will ensure this is done in a secure manner, and the information is proportionate in order for them deliver your services.
These partners will also include organisations that we commission to provide care and support, such as home care agencies or care homes. You will hear these called providers. As they are delivering care on our behalf these organisations must keep your details safe and secure, and as the data controller we will make sure that they comply with our required information sharing standards and protocols.
It is very important that Adult Services and Health is able to plan and realign its delivery of services to meet the needs of Liverpool’s vulnerable adults.
To do this, we carefully use the information we collect about how services are delivered and who is using these services. This also includes the statutory functions of Public Health which is now part of the council’s responsibility
In certain cases, such as safeguarding inquiries and criminal investigations we are legally obliged to provide information to the police. However we have procedures in place that allows this to be carried out in a secure and confidential manner.
As with the Data Protection Act, GDPR gives you a number of very specific rights regarding your information. All of these rights come with ‘terms and conditions’ and in some cases may adversely affect our ability to provide you with services. We would advise that you contact our information governance officers who will discuss and process your request at firstname.lastname@example.org
- Right of access: You have a right to see the information that organisations hold about you. If you would like to exercise this right you can begin the process by submitting a Subject Access Request.
- Right of rectification: If you find that we are holding incorrect information about you then we are responsible to rectify this as soon as you notify us.
- Right of erasure: This right may also be known as a right to be forgotten. If you feel that the information we are holding is no longer justified or manifestly incorrect, you can apply to have it erased.
- Right to restrict processing: Rather than erasing the information you have a right to apply to have conditions and restrictions placed on how we use and process it.
Tell us about a change in circumstance
Call Careline on 0151 233 3800.
Data protection enquiries
Email data protection enquiries to the Information Governance Officer at email@example.com.
- Senior Information Risk Officer, Becky Hellard: email firstname.lastname@example.org.
- Data Protection Officer, Chris Walsh: email email@example.com.
- Caldicott Guardian, Dyane Aspinall: email firstname.lastname@example.org.