Data Controller(s)

NHS Sheffield CCG

Purpose

Information for safeguarding purposes is used to assess and evaluate safeguarding concerns to ensure individuals (children and adults at risk of abuse or neglect) within the CCG’s boundaries are effectively protected.

Type of information Used

Identifiable: Personal (such as name, address, date of birth) and Special Category (health information)

Legal basis

GDPR Article 6(1)(e) ‘processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority…’

GDPR Article 9(2)(b) ‘processing is necessary for the purposes of carrying out the obligations and exercising the specific rights of the controller or of the data subject in the field of …social protection law in so far as it is authorised by Union or Member State law..’

For the purposes of Article 9(2)(b) the provisions of the Children Acts 1989 and 2004, and the Care Act 2014 are relevant.

How we collect (the source)and use the information

The CCG may receive information relating to safeguarding concerns from you directly or relatives or through notification of concerns from other Health and Social Care organisations. All Health and Social Care professionals have a legal requirement to share information with appropriate agencies where safeguarding concerns about children or adults have been received. Where it is appropriate to do so the organisations will keep you informed of when information is required to be shared, to be provide you with assurance regarding the security of that sharing and the benefit to you or the person you are raising safeguarding concerns about. Access to this information is strictly controlled and where there is a requirement to share information, e.g. with police or social services, all information will be transferred safely and securely ensuring only those with a requirement to know of any concerns are appropriately informed.

The Children Act 1989 establishes implied powers for local authorities to share information to safeguard children. Local authorities have a duty to investigate where a child is the subject of an emergency protection order, is in police protection or where there is reasonable cause to suspect that a child is suffering or is likely to suffer significant harm.

The Children Act also requires local authorities ‘to safeguard and promote the welfare of children within their area who are in need’ and to request help from specified authorities including NHS Trusts and Foundation Trusts, NHS England and CCGs. These are required by the Children Act to comply with such requests. Under the Children Act 2004 local authorities must make arrangements to promote cooperation with relevant partners and others, to improve well-being.

The Care Act 2014 outlines the responsibilities of organisations to comply with requests for information from the Safeguarding Adults Board to enable or assist the Board to exercise its functions. This may include information required to undertake a Safeguarding Adult Review.

The statutory guidance to the Care Act emphasises that early sharing of information is the key to providing an effective response where there are emerging concerns, and that partner organisation should ensure that they have the mechanisms in place that enable early identification and assessment of risk through timely information sharing and targeted multi-agency intervention.

Data Processors

None

Your Rights

With regards to Safeguarding under GDPR you have the right:

• To be informed about the processing of your information (this notice)
• Of access to the information held about you
• To have the information corrected in the event that it is inaccurate
• To be notified of data breaches

How long we will keep the information

Information is kept in accordance with the Records Management Code of Practice for Health and Social Care 2016 – depending on the nature of the records held, some records will be kept for longer than the standard retention periods within the Code of Practice.

Who we will share the information with (recipients)

Information may be shared with Safeguarding Boards, Multi-Agency Safeguarding Hubs (MASH), Multi-Agency Risk Assessment Conference (MARAC), Local Authority, other Health and Social Care organisations or the Police.