Privacy Notice – Safeguarding
Some members of society are recognised as needing protection, for example children and vulnerable adults. If a person is identified as being at risk from harm we are expected as professionals to do what we can to protect them. In addition we are bound by certain specific laws that exist to protect individuals. This is called “Safeguarding”.
Where there is a suspected or actual safeguarding issue we will share information that we hold with other relevant agencies whether or not the individual or their representative agrees.
There are three laws that allow us to do this without relying on the individual or their representatives agreement (unconsented processing), these are:
Section 47 of The Children Act 1989 - https://www.legislation.gov.uk/ukpga/1989/41/section/47
Section 29 of Data Protection Act (prevention of crime) - https://www.legislation.gov.uk/ukpga/1998/29/section/29
Section 45 of the Care Act 2014 - http://www.legislation.gov.uk/ukpga/2014/23/section/45/enacted
In addition there are circumstances when we will seek the agreement (consented processing) of the individual or their representative to share information with local child protection services, the relevant law being; section 17 Childrens Act 1989 - https://www.legislation.gov.uk/ukpga/1989/41/section/17
1) Data Controller contact detailsFrome Medical Practice
Frome Medical Centre
Telephone: 01373 301301
2) Data Protection Officer contact detailsKevin Caldwell
GP Data Protection Officer
Telephone: 01935 384000
3) Purpose of the processing
The purpose of the processing is to protect the child or vulnerable adult.
4) Lawful basis for processing
The sharing is a legal requirement to protect vulnerable children or adults, therefore for the purposes of safeguarding children and vulnerable adults, the following Article 6 and 9 conditions apply:
For consented processing;
6(1)(a) the data subject has given consent to the processing of his or her personal data for one or more specific purposes
For unconsented processing;
6(1)(c) processing is necessary for compliance with a legal obligation to which the controller is subject
9(2)(b) ‘...is necessary for the purposes of carrying out the obligations and exercising the specific rights of the controller or of the data subject in the field of ...social protection law in so far as it is authorised by Union or Member State law..’
We will consider your rights established under UK case law collectively known as the “Common Law Duty of Confidentiality”*
5) Recipient or categories of recipients of the processed data
The data will be shared with Somerset Social Services, Get Set, Somerset Partnership – Mental Health, School Nurses, Health Visitors
6) Rights to object
This sharing is a legal and professional requirement and therefore there is no right to object.
There is also GMC guidance:
7) Right to access and correct
You, or your legal representative, have the right to access the data that is being shared and have any inaccuracies corrected. There is no right to have accurate medical records deleted except when ordered by a court of Law.
8) Retention period
The data will be retained for active use during any investigation and thereafter retained in an inactive stored form according to the law and national guidance.
9) Right to complain
You have the right to complain to the Information Commissioner’s Office, you can use this link https://ico.org.uk/global/contact-us/ or calling their helpline Tel: 0303 123 1113 (local rate) or 01625 545 745 (national rate).
* “Common Law Duty of Confidentiality”, common law is not written out in one document like an Act of Parliament. It is a form of law based on previous court cases decided by judges; hence, it is also referred to as 'judge-made' or case law. The law is applied by reference to those previous cases, so common law is also said to be based on precedent.
The general position is that if information is given in circumstances where it is expected that a duty of confidence applies, that information cannot normally be disclosed without the information provider's consent.
In practice, this means that all patient information, whether held on paper, computer, visually or audio recorded, or held in the memory of the professional, must not normally be disclosed without the consent of the patient. It is irrelevant how old the patient is or what the state of their mental health is; the duty still applies.
Three circumstances making disclosure of confidential information lawful are:
- where the individual to whom the information relates has consented;
- where disclosure is in the public interest; and
- where there is a legal duty to do so, for example a court order.
By using this site, you agree that we may store and access cookies on your device. Find out about our cookies.
Functional Cookies are enabled by default at all times so that we can save your preferences for cookie settings and ensure site works and delivers best experience.
3rd Party Cookies
This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.
Keeping this cookie enabled helps us to improve our website.