Privacy Policy

How we use staff information

The categories of information that we process include:

  • Personal information (HCPC number)
  • Characteristics information (such as gender, age, ethnic group)
  • Contract information (such as start date, FTE, role)
  • Work absence information (such as number of days missed due to sickness absence)
  • Qualification level
  • Medical information
  • Addresses
  • Next of kin emergency addresses
  • Bank details


This list is not exhaustive, and exception may apply in circumstances.

Why we collect and use staff information

We use workforce data to:


  • Enable the development of a comprehensive picture of the workforce and how it is deployed
  • Improve the management of workforce data across the sector
  • Inform the development of recruitment and retention policies
  • Enable individuals to be paid
  • Enable monitoring of selected protected characteristics


Under the General Data Protection Regulation (GDPR), the legal basis / bases we rely on for processing personal information for general purposes are:


Article 6, and Article 9 from the GDPR


  • for the purposes of Safeguarding in accordance with the legal basis of Child Protection/ Safeguarding Vulnerable Adults.

In addition, concerning any special category data:

Collecting workforce information

We collect personal information via application forms, DBS checks, emergency contact details, equal opportunities monitoring forms etc.

Workforce data is essential for the local authority’s operational use. Whilst most of the personal information you provide to us is mandatory, some of it is requested on a voluntary basis. In order to comply with GDPR, we will inform you at the point of collection, whether you are required to provide certain information to us or if you have a choice in this.

Storing workforce information

We hold data securely for the set amount of time shown in our data retention schedule. For more information on our data retention schedule and how we keep your data safe.

All files are retained in a lockable staff for the period of up to five years either in lockable storage or retained electronically in archive files.

Who we share workforce information with:

We routinely share this information with:


  • Our local authority (where applicable)
  • The Department for Education
  • CQC
  • ICO
  • EDT
  • Police
  • Health Professionals

Why we share staff information

We do not share information about our workforce members with anyone without consent unless the law and our policies allow us to do so.

Department for Education

The Department for Education (DfE) collects personal data from educational settings and local authorities via various statutory data collections. We are required to share information about our workforce with the Department for Education (DfE) for the purpose of those data collections, under:


We are required to pass information about our child and family social work workforce employees to the Department for Education (DfE) , CQC, OFSTED, through regulations under Section 83 of the Children Act 1989.


All data is transferred securely and held by DfE under a combination of software and hardware controls which meet the current government security policy framework.


For more information, please see ‘How Government uses your data’ section.

Requesting access to your personal data

Under data protection legislation, you have the right to request access to information about you that we hold. To make a request for your personal information, contact [Yemi Ibikunle, Data Protection Officer]


You also have the right to:

  • To ask us for access to information about you that we hold
  • To have your personal data rectified, if it is inaccurate or incomplete
  • To request the deletion or removal of personal data where there is no compelling reason for its continued processing
  • To restrict our processing of your personal data (i.e. permitting its storage but no further processing)
  • To object to direct marketing (including profiling) and processing for the purposes of scientific/historical research and statistics
  • Not to be subject to decisions based purely on automated processing where it produces a legal or similarly significant effect on you


If you have a concern about the way we are collecting or using your personal data, we ask that you raise your concern with us in the first instance. Alternatively, you can contact the Information Commissioner’s Office at


Withdrawal of consent and the right to lodge a complaint

Where we are processing your personal data with your consent, you have the right to withdraw that consent. If you change your mind, or you are unhappy with our use of your personal data, please let us know by contacting Yemi Ibikunle

Last updated

We may need to update this privacy notice periodically, so we recommend that you revisit this information from time to time.


If you would like to discuss anything in this privacy notice, please contact: Yemi Ibikunle

How Government uses your data

The workforce data that we lawfully share with the DfE through data collections:


  • informs government policy on matters related to child and family social workers
  • may be used to inform the distribution of funding to local authorities
  • supports ‘longer term’ research and monitoring of children’s social care policy

Data collection requirements

Sharing by the Organisation

The Department may share information about employees with third parties who promote the education or well-being of children or the effective deployment of school staff in England by:


  • Conducting research or analysis
  • Producing statistics
  • Providing information, advice or guidance


The Department has robust processes in place to ensure that the confidentiality of personal data is maintained and there are stringent controls in place regarding access to it and its use. Decisions on whether DfE releases personal data to third parties are subject to a strict approval process and based on a detailed assessment of:


  • Who is requesting the data
  • The purpose for which it is required
  • The level and sensitivity of data requested; and
  • The arrangements in place to securely store and handle the data


To be granted access to workforce information, organisations must comply with its strict terms and conditions covering the confidentiality and handling of the data, security arrangements and retention and use of the data.


To contact the department:


Version History & Review

Version Number Date Description of Changes Approved by
01 15/04/2021 New Document  




Continuing our goal for care with dignity, integrity and respect, the privacy of our customer is protected to the highest degree. No client information will ever be disclosed to third parties without the written consent of the client involved unless required for emergency medical purposes.

How we use your information

Medical Partnerships take the privacy of our clients very seriously. The information we ask for during our initial assessment is necessary to complete an accurate and detailed Care Plan to enable us to provide the care required.

Copies of all documents are kept in locked cabinets in a closed office. This office is located in a secure building which is fully alarmed and access is restricted to authorised personnel only. Copies are also kept on a cloud storage system which is password protected and all computers used to access this system are also password protected.

You can be sure that all information held by Medical Partnerships is used solely for its intended purpose and is not shared with any other individual or company.

As a registered Domiciliary Care Provider we are regulated by the Care Quality Commission. We are therefore subject to both announced and unannounced inspections. During this process a Care Inspector will visit the office and ask to look through our files. If you would prefer your information not to be accessed during the inspection please let us know in writing and we will inform the Inspectors of your request.

At any time you can ask to view all the information we hold on you. If you have power of attorney for a service user, or they have given us written permission to share their information with you, then you can also request to see the documentation we hold. When a care package has come to an end we have to keep records for six years after the tax year to which they relate for Her Majesty’s Revenue and Customs (HMRC) purposes, however after this time has passed we destroy all records in a secure and responsible manner.

For all employees of Medical Partnerships the guidelines are very similar in that we never share or discuss your information with anyone else. However if requested we are legally bound to disclose information necessary to HMRC. We also destroy all employee records after the appropriate amount of time has passed in accordance with regulation.

If you have any other questions or concerns about how we collect and use your information please contact us. [email protected]