PRIVACY POLICY
WHO “WE” ARE?
​
Rosmead Healthcare's mission is to become the first-choice care home in every community for Residents and Colleagues ensuring that we use your personal information only when we need to, in order to deliver care with the kindness that is at the heart of everything we do.
We use your information to provide you with employment to deliver kind, person- centred care and support. This Privacy Statement explains this in more detail.
Rosmead Healthcare is a limited company registered in England under company number 11210637 . We are registered with the Information Commissioner's Office under registration number 00016991590.
We are regulated by the Care Quality Commission (CQC) in England, the Care Inspectorate (CI) in Scotland and the Care Inspectorate Wales (CIW).
1. WHAT IS PERSONAL DATA?
​
Personal data is another way to describe personal information. It is any information that is about you that allows you to be identified. Personal data covers simple information such as your name, email and phone number, but it also covers more detailed information such as reference numbers, your location, and other identifiers used by computers.
To find out more about how Rosmead Healthcare uses your personal information please click on the sections below.
2. WHAT INFORMATION DO WE COLLECT ABOUT YOU?
The majority of personal information we collect about you, will come from you visiting our homes.
Depending on your ongoing interactions with us we may collect more information about you, for instance if you are providing regular maintenance or inspecting our homes.
By law, we have to keep certain personal information so that we know who has visited our home and when, but also the purpose of your visit.
Rosmead Healthcare may collect these kinds of personal information about you:
-
Basic information, such as name, address, phone number, and email;
-
Employment information, such as who you are employed by and your role;
-
Emergency Contact Information about your family or employer, so we know who to contact in an emergency;
-
Visual images, such as copies of identification or CCTV footage of you in our homes;
-
Information we receive from other sources, such as your employer, other agencies or legal representative;
-
Letters and emails, we have sent to you about your interactions with Rosmead Healthcare;
-
Dates and times of your visits to our premises.
Collecting sensitive information about you
Whilst it would be uncommon to collect sensitive information about you, Rosmead Healthcare may sometimes need to collect some information which is particularly sensitive. This type of information is called special category personal data. The law says we can only collect and use this kind of information for very specific legal reasons, such as keeping you, our Residents and Colleagues safe when you are on our premises and helping other organisations with their functions, such as safeguarding. Rosmead Healthcare will only collect and use this information where it is essential for our work.
Types of special category personal data that Rosmead Healthcaremay collect and use:
-
Information about pre-existing health conditions which could affect your visit;
-
Information if you suffered an accident when on our premises;
-
Information that we need in order to keep our Residents safe.
Collecting information from other people
Sometimes, Rosmead Healthcare may need to collect your data from other people. These will include:
-
Your employer
-
Government departments;
-
National regulators;
-
Your Doctor;
-
The Emergency services; or
-
Rosmead Healthcare suppliers and local services.
​
3. HOW DO WE USE INFORMATION ABOUT YOU?
​
We need to use personal information to ensure we are delivering kind, person- centred care to our residents, which includes keeping them safe. The information we use will sometimes be held on a computer. People will only be allowed to access your information when they are involved in your visit, such as Home and Area Managers.
Your personal information can be used for any of the following purposes:
-
Knowing when you visited our premises;
-
Disclosing information to an appropriate regulator to inform them of certain incidents as required under the law;
-
Communicating with you. This may include responding to emails or calls from you;
-
Disclosing information to your employer should your behave our fail to meet acceptable standards
-
Disclosing information to a Coroner, the Police or Safeguarding where they need to conduct a formal investigation;
-
Helping to keep you, your Colleagues and our Residents safe.
Legal reasons for obtaining and using your personal information
Rosmead Healthcare must have a legal reason to collect and use your information. We will use different reasons, depending upon its purpose. This must be explained to you when, or as soon as possible after, we collect your information, or when it is given to us by someone else. The reasons we use are:
-
In order for Rosmead Healthcare to comply with our legal obligations with regards to health and safety;
-
In order to protect your life in an emergency;
-
In order to act in the public interest;
-
In order to fulfil Rosmead Healthcare’'s accepted interests; or,
-
Where we have your permission to use your information.
Where Rosmead Healthcaremust use information that is particularly sensitive, Rosmead Healthcare must have additional legal reasons to collect and use your information. These are:
• In order to protect the health and safety of everyone, including you;
• In order to protect your life when you cannot give permission;
• In order to act in a significant public interest, such as safeguarding;
• In order to allow fairness in legal matters;
• We have explicit consent to use your information.
4. SHARING YOUR PERSONAL INFORMATION:
​
On occasions, Rosmead Healthcare may be asked to give your personal information or need to collect it from other organisations. These can include:
• Your employer
• Government departments;
• National regulators;
• Your Doctor;
• The Emergency services; or
• Rosmead Healthcaresuppliers and local services.
Any companies we employ who use your personal information are responsible to you through legal agreements with Rosmead Healthcare around Data Protection.
Click [here] to see the organisations we work with along with links to the Privacy Statements of some of these organisations.
5. DO I HAVE TO CONSENT TO THE USE AND SHARING OF MY INFORMATION?
​
Rosmead Healthcare will only seek consent/permission to collect, use and share your personal information where you have freedom of choice about how your information is used, such as when you are completing a survey or questionnaire.
Where you do not have such freedom over how your information is used, we will use a different legal reason to collect, use and store your information.
If you decide not to provide us with your information, this can make it difficult for us to assist you during your interactions with us.
6. YOUR INFORMATION RIGHTS:
​
We will normally only share your personal information with your knowledge and where it is needed and when we have a legal reason.
Please remember that occasionally, Rosmead Healthcare will be legally required to share certain personal information with a third party by law, and sometimes without your knowledge. For example, we are required by law to tell the care regulators if certain incidents have happened. We will always look to provide this information in a way that reduces any risks to your privacy, but this is not always possible.
Further information about your specific data protection rights can be found here:
7. WILL WE SEND YOUR INFORMATION OUTSIDE THE UK?
​
Most information relating to a person’s care is stored within the UK only. These will be in hardcopy, or electronic systems.
However, in some cases, our suppliers may store your personal information outside of the UK. For more details on the companies we use click [here].
8. HOW LONG WILL WE KEEP YOUR INFORMATION FOR?
​
Personal information that we are no longer using is kept securely only for as long as it is needed, or is required by law, before being safely destroyed.
The duration for which your personal information is kept will depend on our reason for collecting it and is defined in Rosmead Healthcare’s “Records Retention and Destruction Schedule Procedure”.
9. HOW WILL WE KEEP YOUR INFORMATION SECURE?
​
Keeping your personal information secure is an important principle of Data Protection, and we take the following steps to protect your information which includes:
-
Necessary measures to ensure personal information is protected;
-
All electronic data transferred through our systems is encrypted;
-
Information is not used for any purpose other than as agreed upon in our terms and conditions;
-
Protect your data from loss.
Our systems are checked and audited regularly by experts to ensure they meet all privacy standards, are protected through strong passwords and encryption and comply with our general data protection security and protection policies.
10. DO WE USE CCTV IN OUR HOMES?
​
Rosmead Healthcare uses CCTV in some of its care homes in order to provide reassurance to Residents and their Relatives, protect homes from unlawful intrusion and assist whistleblowers who may have raised concerns. Cameras are only to be used in
communal areas, other than in exceptional circumstances. All Rosmead Healthcarehomes using CCTV will:
-
Consult with all relevant third parties prior to installation;
-
Have considered the impacts and risks of CCTV, which will have been agreed by the Data Protection Officer;
-
Have appropriate signs informing all who enter that CCTV is in use in the home;
-
Have appropriate security of the CCTV equipment, including encryption to prevent unlawful access to any footage
If you have concerns about the use of CCTV, please speak to the Home Manager in the first instance.
11. ROSMEAD HEALTHCARE AND SOCIAL MEDIA:
​
Rosmead Healthcare uses social media to keep the public up to date with what is going on in our homes. We will never use photographs of Residents, visitors or Colleagues without seeking permission to do so.
Facebook- https://www.facebook.com/RosmeadHealthcare
​
12. HOW TO CONTACT US:
​
If you need to contact us about anything relating to your personal information, or would like to be provided with a copy, you can speak to us by
​
Writing to us: General Manager
Rosmead Healthcare, 370 Wilsthorpe Rd, Long Eaton NG10 4AA Nottingham, UK.
Emailing us: admin@rosmeadhealthcare.co.uk
Telephoning us: +44 115 946 2150
Rosmead Healthcare must by law have a Data Protection Officer (DPO) who ensures that Rosmead Healthcare only uses your data according to the law. Our DPO is Russell Wynn and our deputy DPO is Louise Garrett-Cox. Should you need to speak to them, please use the details above.
We may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects how we protect your information.
Any changes will be made available on the General Privacy Policy page on our website.
Complaints
If you have any concerns about the way in which we are using your personal information, please contact our Data Protection Officer using the details above, and we will endeavour to address your concern.
However, you do also have the right to complain about how we treat your personal information to the Information Commissioner’s Office (“ICO ZB047616”).
​
​
YOUR RIGHTS UNDER DATA PROTECTION
​
Under the law, you have certain rights in relation to your personal information. Where you choose to use your rights, Rosmead Healthcare must:
- Respond to your request within one calendar month (unless extended);
- Respond in a plain and clear language;
- Be sure as to your identity;
- Provide the information free of charge (unless it is repeated or manifestly unfounded);
- Tell you why we are unable to comply with your request;
- Protect the rights of other individuals.
Please click on each section for more information as to each of the rights.
1. THE RIGHT TO KNOW HOW YOUR INFORMATION IS USED
​
This is the right to know about how and why Rosmead Healthcare is collecting, using and storing personal information about you. This should either take place when we collect your information, or where we collect it from a third party, within one calendar month.
We do not have to tell you that we are using your personal data where it may prejudice investigations, or our obtaining the information is required by law.
2. THE RIGHT TO OBTAIN COPIES OF YOUR INFORMATION
​
There is a right to ask Rosmead Healthcare to provide copies of your personal information that Rosmead Healthcare might have obtained, be using or have stored about you.
This right should not adversely affect other people. To request copies of your information please email: admin@rosmeadhealthcare.co.uk or contact our Data Protection Officer.
3. THE RIGHT TO CORRECT INACCURATE INFORMATION
​
There is a right to ask Rosmead Healthcare to correct your personal data where you believe it is wrong.
Where we cannot legally correct your data, we will look to obtain a supplementary statement from you, explaining why you believe the data is inaccurate or incomplete, and this can be placed alongside the personal information we hold.
Check whether they use the same email address for this or they have a separate one correct
4. THE RIGHT TO DELETE YOUR INFORMATION
​
There is a right to ask Rosmead Healthcare to delete any of your personal data that we have, and is often called the right to be forgotten.
This right does not apply where Rosmead Healthcare are under a legal obligation to retain your information, there is a public interest in retaining your information, we need to retain your information for public health purposes, or we need to retain your information in case of future legal claims.
5. THE RIGHT TO LIMIT THE USE OF YOUR INFORMATION
​
There is a right to ask Rosmead Healthcare to limit its use of the information. This will only apply where:
- the accuracy of the information is contested;
- the processing is unlawful, but you do not want it to be deleted; or
- Rosmead Healthcare no longer requires the information, but it is necessary to retain for legal claims.
6. ADDITIONAL RIGHTS
​
There are also additional rights around being able to transfer your information to another organisation and around a system making automated decisions about you.
However, such rights will be limited in terms of Rosmead Healthcare's legal reasons for using the information.
Rosmead Healthcare does not currently make any automated decisions about you.
ORGANISATIONS WE WORK WITH
​
Rosmead Healthcare cannot deliver kind, person-centred care on our own. We are part of a much wider system to ensure that you are always safe in our care.
In each section below, you can see some of the different organisations that we work with. Where we can, we have provided a link to the organisation’s privacy statements.
Please note that Rosmead Healthcare are not responsible for the content of third-party privacy statements. If you have any questions regarding them, please contact the organisation directly.
1. LOCAL GOVERNMENT
Local authorities have certain responsibilities relating to commissioning of care, but also keeping people safe from abuse and neglect. To find your appropriate local authority in England and Wales, please click here. For Scottish local authorities click here.
The Local Government and Social Care Ombudsman looks at individual complaints about councils, all adult social care providers (including care homes and home care agencies) and some other organisations providing local public services.
2. LAW ENFORCEMENT
We work with Police forces across the United Kingdom to ensure that our Residents stay safe and any incidents are thoroughly investigated. To find the appropriate Police force click here, and select whether the Police force is in England, Wales or Scotland.
3. REGULATORS
We work with a number of regulators across the United Kingdom to ensure our care keeps you safe.
Care Quality Commission (England) - www.cqc.org.uk/privacy
Care Inspectorate (Scotland) - www.careinspectorate.com/index.php/core-privacy- notice
Care Inspectorate Wales - https://careinspectorate.wales/privacy-policy
Disclosure & Barring Service (England & Wales) - www.gov.uk/government/publications/dbs privacy policies
Social Care Wales - https://socialcare.wales/generic-content/privacy-notice
Disclosure Scotland - https://www.mygov.scot/privacy/
Health & Safety Executive - https://www.hse.gov.uk/privacy.htm
Information Commissioners Office - https://ico.org.uk/global/privacy-notice/
Nursing and Midwifery Council - https://www.nmc.org.uk/contact-us/data- protection/privacy-notice/
4. NHS ORGANISATIONS
​
We work with NHS organisations who commission and deliver healthcare services that our Residents may use.
NHS England - https://www.england.nhs.uk/contact-us/privacy-notice/
Clinical Commissioning Groups (England) - https://www.england.nhs.uk/ccg-details/
NHS Scotland - https://www.scot.nhs.uk/privacy/
NHS Scotland Health Boards - https://www.scot.nhs.uk/organisations/
NHS Wales - https://www.wales.nhs.uk/privacystatement
NHS Wales Directory of Services - http://www.wales.nhs.uk/ourservices/directory
NHS Digital - https://digital.nhs.uk/about-nhs-digital/our-work/keeping-patient-data- safe/how-we-look-after-your-health-and-care-information