We aim to provide you with the highest quality care. To do this, we must keep records about you and the care we provide for you. This privacy notice tells you what to expect us to do with your personal information when you make contact with us or use our service.
Who we are
Calvern Care Limited is CQC registered Domiciliary care provider – delivering support to adults in their own home 365 days a year. Care can be funded privately, via Essex County Council or health funded via Mid Essex CCG. Calvern Care Limited is part of Provide Group which delivers health and social care services across Essex and the East of England.
What information do we collect about you?
The information we hold may include:
- Basic details, such as your name, NHS number, address and next of kin.
- Door access codes
- Contacts we have had with you, such as clinic visits.
- Notes and reports about your health and any treatment or care you needed.
- Details about your treatment and care.
- Information from other health professionals, relatives or those who care for you
- Special category data: race, ethnicity, sexual orientation, religion
- Surveys which are for the purpose of improving our service or monitoring outcomes and are not a form of marketing
How do we collect information about you?
We collect information about you in a number of ways:
Information you tell us:
We accept self-referrals, or from a family member or friends with your consent, which means that you or they can contact us directly to arrange an appointment. You will be asked for certain information when you contact us by phone or online to enable us to book you an appointment, answer your queries and to be able to provide appropriate care.
Information others tell us:
Where you are referred to us by Essex County Council or Mid Essex CCG, they will share relevant information about the care you have received from them to enable us to provide effective and safe care to you.
How do we use your information?
To support direct care provision and maintain safety of the individuals.
Information collected about you to deliver your care is also used to assist with:
- Making sure your care is of a high standard.
- Using statistical information to look after the health and wellbeing of the general public and planning services to meet the needs of the population.
- Assessing your needs against a set of risk criteria to ensure you are receiving the best possible care.
- Helping train staff
- Supporting the funding of your care.
- Reporting and investigation of complaints, claims and untoward incidents.
- Reporting events to the appropriate authorities when we are required to do so by law.
We may rely on one of the following legal basis for the processing your data:
Public Task – As a local authority contracted provider of domiciliary care the processing is necessary for us to perform a task in the public interest.
Data Protection law says it is appropriate to process data for the above purposes for health and social care treatment of service users and the management of health or social care systems and services.
Contract – We need to use your personal data so that you can enter into a contract with us to provide your care.
There may also be situations where we are under a duty to share your information. We are required by law to report certain information to the appropriate authorities. We might also share with the Care Quality Commission (CQC) to inspect the quality and safety of the care that we provide. We may also have to share your information when it is absolutely
necessary for the prevention or detection of crime or prosecution of offenders or where there are serious risks to the public or our staff.
We may also use your information to request feedback from you, such as requesting to complete the customer feedback survey in order to help improve the quality of services to you and customers, particularly the quality of experience undergone by customers.
Your information is never collected for direct marketing purposes and is not sold on to any other third parties.
How do we hold your information?
We hold your information electronically (using Carefree Care Management system and Birdy electronic care record) and sometimes in hard copy where necessary. We may also hold paper records from previous contacts.
Any records we hold about you are held securely and are only accessible to those who are involved in your care or have a legitimate need to access. Any access by our staff to your care records is fully audited.
All of our staff receive appropriate and on-going training to ensure they are aware of their personal responsibilities and have contractual obligations to uphold confidentiality, enforceable through disciplinary procedures. Staff only have access to personal information where it is appropriate to their role and is strictly on a need-to-know basis.
Your information is not processed overseas. In most cases your information is held in the UK however some of the service providers we use may hold your information outside the UK. If we do transfer your personal information outside the of the UK we will make sure that it is protected to the same extent as it would be within the UK.
How long do we hold your information for?
Information is held for specified periods of time, the duration of care delivery plus 7 years, as set out in the Records Management Code of Practice for Health and Social Care.
Who do we share the information with?
Organisations that we often share information with include:
- Social Care
- NHS Hospitals & Clinics
- General Practitioners
- Ambulance Services
- Voluntary Sector Organisations
- Other Community Health Providers
- Mental Health Trusts
Also, Subject to Strict Protocols: Local Authority Services, Private Sector Providers, Commissioners of our Services and the Health Protection Agency
We will only share information with those who have a legitimate right to know.
If we need to use your personal information for any reasons beyond those stated above, we will discuss this with you and ask for your permission to do so where you will have the option to agree or disagree. This is known as explicit consent. Data Protection laws gives individuals rights in respect of the personal information that we hold about you. These are:
- To ask for access to your information
- To ask for your information to be corrected if it is inaccurate or incomplete.
- To ask for your information to be deleted or erased. Please note that this does not apply to your care record, or where we process information for public health purposes.
- To ask us to restrict the use of your information in some circumstances.
- To request your personal information to be transferred to other providers on certain occasions.
Should you have any further queries on the uses of your information, please speak to our Provide Group Data Protection Officer – by emailing firstname.lastname@example.org.
Should you wish to lodge a complaint about the use of your information, please contact us on email@example.com.
If you are still unhappy with the outcome of your enquiry you can write to: The Information Commissioner, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF. Telephone: 01625 545700