Privacy Policy

This is the Privacy Policy and Notice of Springdene Nursing & Care Homes Ltd (Springdene).  Springdene is registered with the Care Quality Commission to operate three residential care homes across three sites in North London.  Our registered office address is 30 City Road, London, EC1Y 2AB.  In carrying out its business, Springdene relies on personal information provided by residents as well as employees and volunteers.  This Privacy Policy explains how we collect, use, disclose and manage this information.

  1. What is personal information?

Personal data is defined as any information relating to an identified or identifiable natural person (‘Data Subject’).  An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

  1. Who we collect information from, and our reasons for doing so

Springdene collects personal information from two main Data Subject groups in particular:

  1. Residents.  As a registered care provider, we rely on residents providing us with personal information, including medical and financial information, to enable us to provide effective care and support services.  We may also collect this information from family or friends of residents who are authorised to provide this information on their behalf. 
  2. Employees and volunteers.  Springdene also sources personal information from or about employees and volunteers, including prospective employees and volunteers, for the purposes of recruitment and employment and in general to manage the employment relationship.
  1. How we collect information

The bulk of personal information which we hold about residents, employees and volunteers is collected when a prospective resident or prospective employee/volunteer completes our inductive application or assessment forms.  While the majority of these forms are paper-based and completed manually, some supporting information may be provided to us electronically.  For residents, information is generated from the point of initial enquiry or referral through to financial and needs assessments to more comprehensive care and support plans.  For employees and volunteers, personal information is obtained directly through the completion and submission of recruitment forms, including application forms, references, testimonials and criminal records (DBS) checks. Personal employee data may also be collected and/or stored via: our intranet; security records and systems; time keeping records; telephone recording or monitoring systems; CCTV; email systems; other electronic and paper HR files. Personal data may be provided to us by an employee themselves, or by third parties (such as former employers), or may be created during the employment relationship (e.g. appraisal records) or on its termination (e.g. references provided to prospective employers). When recruiting, we seek the express consent of applicants to obtain the information necessary for us to be able to decide whether or not to employ them.

  1. What we do with your personal information and with whom we might share it

All personal information obtained on residents, employees and volunteers is used only for the purpose of enabling us to provide a person-centred care service for our residents in line with our company’s vision and values and consistent with all regulatory data protection standards and requirements. 

Within our organisation, information about an individual is only ever shared to the extent that this is necessary for the effective delivery of the service.  Occasionally, and by exception, it may be necessary to share personal information with particular external organisations for specific reasons relating to care or recruitment/employment in line with the purposes outlined above.  This is only done with the data subject’s consent and on a strict “need to know” basis.  Most information sharing involving residents’ information is with other health and medical professionals and agencies which are directly involved with the service user’s care and treatment.  Where residents are unable to give informed consent to the disclosure of their information, the Home Manager or representative, together with a representative of the service user, should devise a strategy in the best interests of the client.  This agreement should then be documented in the care/support plan of the client.  Similarly, information about employees is only shared with their clear agreement, e.g.  when providing a reference.  Personal information is not used for any other purpose, including for marketing, unless express consent is sought in advance. 

Personal information will not be disclosed or shared for any other reasons.  The only exception to this rule is if/when we are required by law to provide certain information, e.g.  to assist with a criminal investigation or as part of an employment law claim.  Having said this, even when we are required to provide a governing body with information – such as details involving a safeguarding matter provided to the Care Quality Commission (CQC), or to meet legal and/or regulatory requirements as part of an employee criminal investigation – we will at all times seek consent first, if possible, and ensure that any forwarded information is treated in strict confidence.

  1. Access to your information (Subject Access Request)

There are procedures in place to enable any staff member, employee or volunteer whose personal information we hold to access to their information on request.  (See the policies listed in “How we keep your information safe”, below.)  This right to access includes both the information itself and any uses which we might have made of the information.  You have the right to request a copy of the information that we hold about you.  If you would like a copy of some or all of your personal information, please contact us at the office address above.  Alternatively, please phone us on 020 8446 2117.  We also endeavour to make sure any personal information we hold is kept up to date.  Please contact us if you wish to update, correct or remove any of your information.

All employees have the right to review the information that the Company holds about them, with some exceptions.  If an employee wishes to make a ‘subject access request’ they should write to the Group HR Manager. The Company will usually respond within one month.  If the request is complex the timescale for a response may be extended by up to two months.  Where this is the case, we will advise the employee of this within one month of receiving their request and explain why we need more time. No charge will usually be made for a response to a subject access request. If an employee receives a subject access request from another member of staff they should immediately forward it to the Group HR Manager.

  1. Confidentiality

All personal information is considered strictly private.  On appointment, all employees and volunteers of Springdene are required to sign a Confidentiality Agreement and are expected to maintain confidentiality at all times.  Breaches of confidentiality are taken seriously and will be regarded as a potential disciplinary issue.  Serious breaches of confidentiality may be considered gross misconduct and lead to dismissal.  When dealing with personal information about residents, staff are required:

  • Where a caller asks for personal information over the phone, to double-check the caller’s identity and their right to access the requested information.
  • To be wary of accessing confidential information inadvertently, e.g. by opening mail or overhearing a telephone conversation.  It is just as important to respect confidentiality in these situations.
  • To take particular care with sensitive information, e.g. medical information or details about client finances.
  • To respect confidentiality when outside of work as well as at work.
  • To not discuss personal information about a resident in the presence of another resident or a resident’s friend or family member.
  • To not discuss personal information about another member of staff, including discussing references or other HR issues, in the presence of another staff member or in the presence of a resident or the resident’s friends or family.
  • To ensure discussions about a case are held in an appropriate place, and to be wary of discussions being overheard.
  • To disclose relevant information only in meetings about a client.
  • To take care when throwing information away.  All confidential records should be shredded.
  • To ensure that confidential information received via the post or internal mail is placed in a sealed envelope and marked ‘private and confidential’.
  • To not leave confidential information lying around where it can be seen by others.
  • To record the source of all information provided by an external individual or agency.
  • To remember that the resident has a right to see all information about them held by Springdene .
  • To ensure notes about residents are factual, observable and objective.  Do not record unsubstantiated opinions or derogatory remarks.  All written information must be accurate and justifiable.
  1. How long we keep information

There are protocols in place that determine how long the organisation will keep certain information, depending on the type of information and the category of Data Subject, and in line with relevant data protection legislation and regulations.  Further information can be found in our data protection, employment and operational policies as outlined in “How we keep your information safe”, below.

  1. How we keep your information safe

Springdene has a range of policies that enable us to comply with all data protection regulations and requirements.  Foremost are:

  • Data Protection Policy
  • Privacy Policy
  • Confidentiality Agreement
  • Recruitment and Selection policies
  • Employee Handbook: “Your guide to working for Springdene Care Homes Group” and related HR Policies
  1. Changes to our privacy policy

Our privacy policy is subject to regular review.  Privacy is an important element of regular risk assessments.  Comprehensive reviews of our data protection policies, procedures and protocols are conducted at least annually.  The date when this policy was last reviewed is annotated at the top of the first page.