Connected Care privacy notice
Updated: 21 July 2021
Our contact details
Name: Data Protection Officer
Address: Time Square, Market Street, Bracknell, RG12 1JD
Phone Number: 01344 352000
The type of personal information we collect
We currently collect and process the following information for people who have long term medical conditions:
- person details and demographics
- admissions to medical facilities
- alerting information, relating to the persons medical information
- details of medical appointments and assessments
- associated people
- care plan – including interventions and problems
- children’s personal details and contact information
- deprivation of liberty (DOL) safeguard, and other safeguarding information
- early interventions
- electronic documents
- health promotion
- next of kin personal details and contact information
- preventative medical procedures
- referrals to and from other organisations
- details and results of medical procedures and events, including discharge and diagnoses
- risk management plans
- risks and warnings relating to medical issues
How we get the personal information and why we have it
Most of the personal information we process is provided to us directly by yourself, a carer or a health provider (such as hospitals, GPs or district nurses).
We use the information that you have given us to provide the best possible care and support.
Health and social care professionals need up to date information about a person. This is why the council uploads your social care information on to a shared portal called Connected Care which can be accessed by and shared with health and social care organisations in Berkshire.
How the law allows us to use your personal information
Lawful basis for processing
These legal bases are underpinned by acts of legislation that dictate what actions can and should be taken by local authorities, including:
- Care Act 2014
- Health and Social Care Act 2012
- Health and Social Care Quality and Safety Act 2015 Section 251(b)
Under the General Data Protection Regulation (GDPR), the lawful basis for processing is Article 6 GDPR:
- (c) processing is necessary for compliance with a legal obligation to which we are subject
- (d) where it is necessary in order to protect the vital interests of our service users or another individual
- (e) to perform a public task
Special category data
Special category data is being processed under Article 9 GDPR:
- (h) to share information for the purpose of medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems
Who we share your information with
The data is shared by local authorities, practice clinical systems and by provider trusts.
We may share this information, including special category data, with:
- GP Practices
- East Berkshire Primary Out of Hours Service
- Bracknell urgent care centre (One Medical Care)
- Reading walk in centre (Virgin Care Services and Assura Reading LLP)
- Frimley Primary Care Services (North Hampshire Urgent Care Limited)
- Frimley Health Foundation Trust
- Great Western Hospitals NHS Foundation Trust
- Hampshire Hospitals NHS Foundation Trust
- Oxford University Hospitals NHS Foundation Trust
- Royal Berkshire Foundation Trust
- Berkshire Healthcare Foundation Trust
- Virgin Community Services (Virgin Care Services Ltd)
- Surrey and Borders Partnership Trust
- South Central Ambulance Service NHS Foundation Trust
- South East Coast Ambulance Service NHS Foundation Trust
- Thames Hospice
- Phyllis Tuckwell Hospice
- Sue Ryder (Duchess of Kent)
- Optalis Limited
- Reading Borough Council
- Royal Borough of Windsor and Maidenhead
- Surrey County Council
- West Berkshire Council
- Wokingham Borough Council
- Slough Borough Council
We do not sell your personal data to any party.
How we store your personal information
Your information is securely stored on a secure database.
Data is kept in line with the council’s retention and disposal schedule.
For more information on how your data is protected please refer to the appropriate policy document.
Your data protection rights
Under data protection law, you have rights we need to make you aware of. The rights available to you depend on our reason for processing your information.
Your right of access
You have the right to ask us for copies of your personal information. This right always applies. There are some exemptions, which means you may not always receive all the information we process.
Find out more about your right of access from the ICO.
Your right to get your data corrected
You have the right to ask us to correct information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. This right always applies.
Find out more about your right to get your data corrected from the ICO.
Your right to get your data deleted
You have the right to ask us to delete your personal information in certain circumstances.
Find out more about your right to get your data deleted from the ICO.
Your right to limit how organisations use your data
You have the right to ask us to limit the processing of your information in certain circumstances.
Find out more about your right to limit how organisations use your data from the ICO.
Your right to object to the use of your data
You have the right to object to processing if we are able to process your information because the process forms part of our public tasks.
Find out more about your right to object to the use of your data from the ICO.
Your right to data portability
This only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organisation to another, or give it to you.
The right only applies if we are processing information based on your consent or under, or in talks about entering into a contract and the processing is automated.
Find out more about your right to data portability from the ICO.
Making a request
You are not required to pay any charge for exercising your rights. If you make a request, we have 28 days to respond to you.
To make a request, contact us by emailing: firstname.lastname@example.org
As a public authority and a provider of services to the public, we have a legal duty to comply with the Equality Act 2010.
This means we need to make service adjustments for anyone with a disability who contacts us in any capacity, to eliminate any barriers to accessing our services.
Our lawful basis for processing this information is article 6(1)(c) of the GDPR as we have a legal obligation to provide this. Our processing of special category data, such as health information you give us, will be based on article 9(2)(a), which means we need your consent.
We will create a record of your adjustment requirements. These will give your name, contact details and type of adjustment required, along with a brief description of why it is required. Relevant staff can access this to make sure they are communicating with you in the required way.
If you need service adjustments contact us by:
- emailing: email@example.com
- phoning: 01344 351500
- writing to: Adult Community and ICS Team, Time Square, Bracknell, Berkshire, RG12 1JD
How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us at firstname.lastname@example.org
You can also complain to the ICO if you are unhappy with how we have used your data by:
- visiting the ICO website
- phoning the ICO helpline on 0303 123 1113
Information Commissioner’s Office
- Information Commissioner’s Office