Skip to content Skip to footer
Donate
Donate
Close
Donate

Privacy Policy

In accordance with the EU and UK General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018, this Notice sets out what information Little Sisters of the Poor (LSP) holds on residents, their families or those with power or attorney.  It explains how we use that information, how it is protected and the rights of those whose information we hold.

Data Controller

The Data Controller is the Little Sisters of the Poor: Our public address is:

Little Sisters of the Poor
St. Peters Residence
2A Meadow Road
South Lambeth
London  SW8 1QH

Telephone:  0207 735 0788

Data Protection Officer

The Data Protection Officer for the Group is Greg Mintern. He can be contacted via the following:

Email: DPO@LSPLondon.co.uk

Telephone: 0207 735 0788

Post: Little Sisters of the Poor
St. Peters Residence
2A Meadow Road
South Lambeth
London  SW8 1QH

Introduction

This is The Little Sister’s of the Poor’s Privacy Notice – Residents.

As part of the services we offer, we are required to process personal data about our residents and, in some instances, the friends or relatives of our residents. “Processing” can mean collecting, recording, organising, storing, sharing or destroying data.

We are committed to being transparent about why we need your personal data and what we do with it. This information is set out in this privacy notice. It also explains your rights when it comes to your data.

If you have any concerns or questions please contact the Data Protection Officer.

Residents

What data do we have?

So that we can provide a safe and professional service, we need to keep certain records about you. We may process the following types of data:

  • Your basic details and contact information e.g. your name, address, date of birth and next of kin;
  • Your financial details e.g. details of how you pay us for your care or your funding arrangements.

We also record the following data which is classified as “special category”:

  • Health and social care data about you, which might include both your physical and mental health data.
  • We may also record data about your race, ethnic origin, sexual orientation, Bio-Metric information or religion.
  • Images used as part of the CCTV security system.

Why do we have this data?

We need this data so that we can provide high-quality care and support. By law, we need to have a lawful basis for processing your personal data.

We process your data because: 

  • We have a legal obligation to do so – generally under the Health and Social Care Act 2012 or Mental Capacity Act 2005.
  • Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract, such as when you apply to become a resident.

We process your special category data because in addition to the lawful basis we also have the following exemption (article 9) justification(s).

  • Processing is necessary for the purposes of, the provision of health or social care or treatment or the management of health or social care systems and services on the basis of (Health and Social Care Act 2012) or pursuant to contract with a health professional
  • Processing is necessary for the purposes of carrying out the obligations and exercising specific rights of the controller or of the data subject in the field of social security and social protection law (Safeguarding )
  • We are required to provide data to our regulator, the Care Quality Commission (CQC), Care Inspectorate and Health Information Quality Authority (HIQA) as part of our public interest obligations.

We may also process your data with your consent. If we need to ask for your permission, we will offer you a clear choice and ask that you confirm to us that you consent. We will also explain clearly to you what we need the data for and how you can withdraw your consent at any time. 

Where do we process your data?

So that we can provide you with high quality care and support we need specific data. This is collected from or shared with:

  1. You or your legal representative(s);
  2. Third parties such as GP, Other health & social care providers
  3. Local Authorities
  4. Funding Authorities
  5. Your family and friends – with your permission
  6. Organisations we have a legal obligation to share information with i.e. for safeguarding, the CQC, SCI and HIQA;
  7. The police or other law enforcement agencies if we have to by law or court order.
  8. Payment processors – to enable us to process your care payments. We use consistent third-parties who act as data processors on our behalf to provide specific services.

We do this face to face, via phone, via email, via post, via application forms, via digital transfer.

Friends/Relatives

What data do we have?

As part of our work providing high-quality care and support, it might be necessary that we hold the following information on you:

  • Your basic details and contact information e.g. your name and address and telephone number or email.
  • Your relation to the resident / prospective resident.

Why do we have this data?

By law, we need to have a lawful basis for processing your personal data.

We process your data because we have a legitimate business interest in holding next of kin and lasting power of attorney information about the individuals who use our service.

We may also process your data with your consent. If we need to ask for your permission, we will offer you a clear choice and ask that you confirm to us that you consent. We will also explain clearly to you what we need the data for and how you can withdraw your consent. 

Where do we process your data?

So that we can provide high quality care and support we need specific data. This is collected from or shared with:

  1. You or your legal representative(s);
  2. Third parties such as local authorities and commissioners.

We do this face to face, via phone, via email, via our website, via post, via application forms.

Third parties are organisations we have a legal reason to share your data with. These may include:

  • Other parts of the health and care system such as local hospitals, the GP, the pharmacy, social workers, and other health and care professionals;
  • The Local Authority;

The police or other law enforcement agencies if we have to by law or court order.

Your rights

The data that we keep about you is your data and we ensure that we keep it confidential and that it is used appropriately. You have the following rights when it comes to your data:

  1. You have the right to request a copy of all of the data we keep about you. Generally, we will not charge for this service;
  2. You have the right to ask us to correct any data we have which you believe to be inaccurate or incomplete. You can also request that we restrict all processing of your data while we consider your rectification request;
  3. You have the right to ask that we erase any of your personal data which is no longer necessary for the purpose we originally collected it for. We retain our data in line with the Records Management Code of Practice 2021 (Records Management Code of Practice – NHS Transformation Directorate (england.nhs.uk)
  4. You may also request that we restrict processing if we no longer require your personal data for the purpose we originally collected it for, but you do not wish for it to be erased.
  5. You can ask for your data to be erased if we have asked for your consent to process your data. You can withdraw consent at any time – please contact us to do so.
  6. If we are processing your data as part of our legitimate interests as an organisation or in order to complete a task in the public interest, you have the right to object to that processing. We will restrict all processing of this data while we look into your objection.

You may need to provide adequate information for our staff to be able to identify you, for example, a passport or driver’s licence. This is to make sure that data is not shared with the wrong person inappropriately. We will always respond to your request as soon as possible and at the latest within one month.

Automated Decision-making being applied to Personal Data

There is no automated decision-making being made using your personal data.

Transfer of Data

Where data is stored or transmitted to a Third Country (any country outside of the European Economic Area (EEA)) or a country that has legal Equivalency with UK / EU GDPR. We will ensure appropriate adequacy protection is in place in accordance with Data Protection Legislation.

Consequently, we may also need to sometimes undertake further security and screening questions when undertaking our routine dealings with you these are there to protect your personal data and security. Whilst we undertake all reasonable precautions, encryption, software updates and patches, we cannot guarantee the safety of data transmitted over the internet.

Little Sisters of the Poor,   is one of many organisations working in the health and care system to improve care for patients and the public – We have been requested by the NHS to share the following;

Whenever you use a health or care service, such as attending Accident & Emergency or using Community Care services, important information about you is collected in a patient record for that service. Collecting this information helps to ensure you get the best possible care and treatment, such as a GP appointment.

The information collected about you when you use these services can also be used and provided to other organisations for purposes beyond your individual care, for instance to help with:

  • improving the quality and standards of care provided
  • research into the development of new treatments
  • preventing illness and diseases
  • monitoring safety
  • planning services

This may only take place when there is a clear legal basis to use this information. All these uses help to provide better health and care for you, your family and future generations. Confidential patient information about your health and care is only used like this where allowed by law.

Most of the time, anonymised data is used for research and planning so that you cannot be identified in which case your confidential patient information isn’t needed.

You have a choice about whether you want your confidential patient information to be used in this way. If you are happy with this use of information you do not need to do anything. If you do choose to opt out your confidential patient information will still be used to support your individual care.

National data opt out 

The NHS makes use of anonymised data that is used for research and planning so that you cannot be identified in which case your confidential patient information isn’t needed. 

You have a choice about whether you want your confidential patient information to be used in this way. If you are happy with this use of information you do not need to do anything. If you do choose to opt out your confidential patient information will still be used to support your individual care. 

To find out more or to register your choice to opt out, please visit www.nhs.uk/your-nhs-data-matters. You can change your mind about your choice at any time.

Raising a Complaint

If you would like to complain about how we have dealt with your request(s), please contact:

Greg Mintern
Data Protection Officer
Email: DPO@lsplondon.co.uk

Or

Post: Greg Mintern (DPO)
Little Sisters of the Poor
St. Peters Residence
2A Meadow Road
South Lambeth
London  SW8 1QH

If you are not satisfied with our response, please contact our regulator, The Information Commissioner’s Office to raise a complaint at:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

https://ico.org.uk/global/contact-us/