This Privacy Policy sets out the data processing practices carried out by all Healthwatch Knowsley activities, this includes this Healthwatch website. This policy also covers other activities that Healthwatch Knowsley are contracted to provide, including the Older People’s Involvement Programme, Knowsley Engagement Forum and Partnership Boards. If you have any requests concerning your personal information or any queries with regard to these practices, please contact us.
For an easy read version of this policy, please click here
Who we are
Healthwatch Knowsley is a local independent consumer champion and is a part of Healthwatch England, a statutory committee of the Care Quality Commission. The data controller of personal information collected is the Care Quality Commission. References to “we” or “us” below are to Healthwatch Knowsley.
This privacy statement covers this all Healthwatch Knowsley activities. This statement does not cover links within this website to other websites.
Information we collect
We collect personal information from visitors to this website through the use of online forms and every time you email us your details, as well as information provided through other activities.
When you simply browse through the information on this website, it does not store or capture your personal information. We do log your IP address (as it is automatically recognised by the web server) but this is so you can download this website onto your device rather than for any tracking purpose.
We will only collect personal information volunteered by you, such as:
- feedback from surveys and online forms
- email addresses and contact details
- preferred means of communication
Current Changes to this Privacy Policy
General Data Protection Regulations
At Healthwatch Knowsley, the protection of your personal data is very important to us. We adhere to the General Data Protection Regulation (GDPR), which took effect on May 25, 2018.
What is GDPR?
In 2016, the European Union (EU) approved a new privacy regulation called the General Data Protection Regulation commonly known as the GDPR. It’s a mandatory ruling that applies to all companies that collect the data and information of EU individuals and meet certain territorial requirements. The GDPR is designed to strengthen the security and protection of personal data in the EU, as well as provide businesses with a structured framework on how to collect, process, use, and share personal data. Under the GDPR, the concept of “personal data” is very broad, and covers almost any information relating to a specific individual.
When are these regulations starting to be enforced?
All companies collecting or processing the personal data of EU individuals must be GDPR compliant by May 25, 2018.
Is Healthwatch Knowsley compliant with GDPR?
Yes. We are compliant to the extent required and will continue to comply on an on-going basis. At Healthwatch Knowsley, we store our data collected online with Amazon Web Services (AWS), which is based in the EU via our data processor White Bear Digital Ltd (formerly EKKO). White Bear Digital Ltd and AWS also comply with the GDPR.
How did Healthwatch Knowsley prepare for GDPR compliance?
We welcomed the arrival of GDPR and view the regulations as raising the bar for data protection, security, and compliance. We have closely analysed the requirements of the GDPR and made enhancements to our site, databases and internal documentation. We approached this process with our staff and suppliers, to implement the necessary procedures and practices.
Where can I learn more about GDPR?
Additional information is available from the Information Commissioners Office: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
Who should I contact?
If you have any additional questions about the GDPR you are welcome to contact us at Healthwatch Knowsley by email enquiries@healthwatchknowsley.co.uk or telephone 0151 449 3954
Cookies
Please be aware that some systems on our website require the use of cookies, but we will always state if this is the case. We will never collect and store information about you without your permission.
Find out more about our use of Cookies from the Healthwatch England website.
We will always take necessary steps to ensure that your information is protected and treated securely. Any details you give us will be held in accordance with the Data Protection Act 1998 and our data protection policy (part of our overall Information Governance Policy) and code of practice on confidential and personal information.
Purposes for which we use the information collected
Personal information about you will be used for the following purposes:
- in our day-to-day work;
- to send you our newsletter where you have requested it;
- to respond to any queries you may have;
- to improve the quality and safety of care.
This may include any personal information that you choose to share with us, but we will treat this as confidential and protect it accordingly.
We will never include your personal information in survey reports.
Who we disclose the information to
In order to fulfil our remit, we may disclose the personal information that we obtain through this website to the Secretary of State for Health, other parts of the Care Quality Commission (CQC), Healthwatch England, the NHS Commissioning Board, Monitor and every local authority in England, and suppliers we engage to process personal information on our behalf.
However, we will only disclose your personal information where we have your consent to do so, or where there is another very good reason to make the disclosure – for example, we may disclose information to CQC or a local authority where we think it is necessary to do so in order to protect a vulnerable person from abuse or harm. Any such disclosure will be made in accordance with the requirements of the Data Protection Act 1998.
Wherever possible, we will ensure that any information that we share or disclose is anonymised, so as to ensure that you cannot be identified from it.
How to obtain a copy of the information we hold about you
You have a right to access the personal information we hold about you. To obtain a copy of it, please get in touch with us.
Changes to this Privacy Policy
From time to time we may update this Privacy Policy. When we do so we will publish the changes on this website. If you do not agree to these changes, please do not continue to use the website. If material changes are made to this Privacy Policy, we will notify you by placing a prominent notice on the website.
Signing up to our newsletter
We retain all information in house, when signing up to our newsletter we ensure that the information we collect is securely stored. By subscribing to this service you will be agreeing to Healthwatch Knowsley handling your data. If you wish to unsubscribe from our newsletter, you may opt out by clicking on the “Unsubscribe” link in any of the email newsletters.
We adhere to the requirements of the Data Protection Act 1998 in how we obtain, handle and process your information and will not make your data available to anyone other than Healthwatch Knowsley.
Information about people who share their experiences with us by other means
There are a number of ways that we collect feedback from people about their experiences of using health and social care services day to day. Our staff will visit different health and social care settings as part of their role to evaluate how services are being delivered. We also receive phone calls and requests for information directly from members of the public as part of our signposting service.
Where personally identifiable information is collected we will ensure that we have your consent to keep it and we will be clear on how we intend to use your information. We will aim to anonymise information where we can but there may be instances where this is not possible in order to make change happen on your behalf. There may be exceptional circumstances where we can and will keep the data without consent but we must have a lawful basis for doing so, such as for safeguarding purposes.
We ensure that where consent is required it will be freely given, used only for agreed specific and unambiguous purposes and that you are well informed about how the information will be kept. This includes where it will be stored, details on security and for how long it will be kept. We will comply with current data protection legislation at all times.
Personal information may be collected with your consent through:
- Our signposting and advice service
- When we receive feedback by phone, outreach work or through surveys
- Enter and View activity
- Through other related activities, such as the Older People’s Involvement Programme, Knowsley Engagement Forum and Partnership Boards
Personal data received from other sources
On occasion we will receive information from the families, friends and carers of people who access health and social care services. We use this data to inform providers and commissioners to help them deliver services that work for you.
Where it is practically possible, we will make sure that we have your consent to use information that is about you. We will only process your personal data where there is a lawful basis to do so under current data protection legislation.
Publishing information
In most circumstances we anonymise our data to ensure that a person cannot be identified, unless this has been otherwise agreed and consent has been given.
Sharing your data with Healthwatch England
We are required to share information with Healthwatch England to ensure that your views are considered at a national level. This enables them to analyse service provision across the country and supply the Department of Health and national commissioners with the information you provide.
Find out more about Healthwatch England’s purpose and what they do.
The information we provide to Healthwatch England contains no personally identifiable data. Any information that is used for national publications is anonymised and will only be used with the consent of a local Healthwatch.
Our data systems
A secure digital database provided by White Bear Digital Ltd. whose servers are based in Ireland. We have a data processing agreement in place with them to ensure the data they hold is held in accordance with current UK data protection legislation.
How we share information with other organisations
We only share personal information with other organisations where it is lawful to so and in accordance with our Information Governance Policy. Information is shared in order to fulfil our remit which is to pass on your experiences of care to help improve them on your behalf.
White Bear Digital Ltd. provide our database and is a data processor on our behalf. Access to this secure database is restricted according to job role. We have a data processing agreement in place with White Bear Digital Ltd. to ensure the data they hold is held in accordance with current UK data protection legislation.
Additionally, when you share an experience with us, it will be included in our analysis of the health and social care services. We share this information in person or using secure electronic means with those responsible for health and social care services in Knowsley and some of it is used in Healthwatch reports and publications to help influence the way services are delivered in the future. Please note all information within reports are anonymised.
We never share our mailing lists with any other organisation.
We work with Healthwatch England, the Care Quality Commission (CQC), local commissioners, NHS Improvement and our local authority to make this happen. We can also engage external suppliers to process personal information on our behalf.
We will only disclose your personal information where we have your consent to do so, or where there is another very good reason to make the disclosure, for example, we may disclose information to CQC or a local authority where we think it is necessary to do so in order to protect a vulnerable person from abuse or harm. Any such disclosure will be made in accordance with the requirements of the current data protection legislation.
Wherever possible, we will ensure that any information that we share or disclose is anonymised, so as to ensure that you cannot be identified from it.
We sometimes use other organisations to process personal data on our behalf. Where we do this, those companies are required to follow the same rules and information security requirements as us, outlined in a Data Processing Contract. They are not permitted to use reuse the data for other purposes.
Your rights
Your right to access information about you
If you think we may hold personal data relating to you and want to see it please write to enquiries@healthwatchknowsley.co.uk
Correcting or deleting your personal data
If you know that we are holding your personal data and believe that it may be wrong, or if you want it to be deleted or for us to stop using it, you have a right to request that it can be deleted or amended.
Please make your objection in writing to enquiries@healthwatchknowsley.co.uk
Or send it by post to:
Healthwatch Knowsley
The Old Schoolhouse,
St Johns Road,
Huyton,
Knowsley
L36 0UX
Complaints about how we look after or use your information
If you feel that we have not met our responsibilities under data protection legislation, you have a right to request an independent assessment from the Information Commissioner’s Office (ICO). You can find details on their website.
Our contact details and key roles
Healthwatch Knowsley is data controller for all of the personal data that you provide us with. Any issues relating to the processing of personal data by or on behalf of Healthwatch Knowsley may be addressed to:
Healthwatch Knowsley
The Old Schoolhouse,
St Johns Road,
Huyton,
Knowsley
L36 0UX
Telephone: 0151 449 3954
Email: enquiries@healthwatchknowsley.co.uk
Healthwatch Knowsley has designated the HR and Policy Manager for Sefton Council for Voluntary Service as the Data Protection Officer under Article 37 of the GDPR.
Reviewed: 17/1/20