Privacy Notice – Special Educational Needs and Disabilities (SEND)

What we do with your personal data

Introduction

Data Controller – Somerset Council – ICO Registration Z5957592

Data Protection Officer Contact – informationgovernance@somerset.gov.uk

The Special Educational Needs and/or Disabilities (SEND) service is responsible for carrying out duties under the Children and Families Act 2014 in relation to all aspects of SEND including early identification and assessment; statutory assessment processes, and the ongoing monitoring of children and young people who have Education, Health and Care (EHC) Plans. We work in a coordinated way with other children and young people’s services in Somerset Council and with partner organisations to ensure we deliver the best possible outcomes for children and young people with SEND in Somerset. In order to do this, it is necessary for the Council to process personal data relating to children and young people with special educational needs and disabilities and their parents. The information we collect will usually include:

  • Personal information (such as name, address, contact details, date of birth, parent/carer name(s) and contact details, gender, unique identification number, for example NHS Number)
  • Details of Special Educational Needs and/or Disabilities
  • Ethnicity
  • Information about physical or mental health
  • Information about family circumstances

Purpose for processing

We use your personal information to:

  • Identify and/or clarify your child’s SEND needs.
  • Identify the support your child needs to help them to achieve their outcomes.
  • Make decisions about whether to conduct a statutory needs assessment or issue an Education, Health and Care (EHC) Plan.
  • Make decisions about the content of an EHC Plan including outcomes, provision and placement.
  • Support the ongoing monitoring of the provision specified in an EHC Plan where one is issued.
  • Inform EHC Plan annual review and monitor your child’s progress.
  • Support disagreement resolution or mediation processes and processes relating to appeals to the Special Educational Need and Disability Tribunal (SENDT).
  • Enable coordinated partnership working with other teams and organisations who can support your child.
  • Evaluate and quality assure the services we provide and analyse provision and outcomes to support future service improvement and commissioning.

Legal basis for processing

We rely on the following provisions of the General Data Protection Regulation (GDPR) as the lawful bases for processing your personal data:

  • Article 6 1(c) – Legal obligation
    Somerset Council has a legal obligation to provide a number of functions and services and it is necessary to process your personal data in order to comply with these obligations.
  • Article 6 1(e) – Public task
    Somerset Council carries out a number of tasks in the public interest or in the exercise of official authority vested in us and it is necessary to process your personal data in order to undertake such tasks.

We rely on the following provision of the General Data Protection Regulation (GDPR) as the lawful basis for processing your special category data:

  • Article 9 2(g) – substantial public interest
    In order to deliver some services it may be necessary to process data which is classed as special category. This is information about you which, due to the nature of it, is afforded additional protections under data protection law. This information may include details regarding health and disability.

Legislation to which our legal obligations and public tasks are related include:

  • Data Sharing Code of Practice (ICO 2012)
  • Children and Families Act 2014 (Part3)
  • Children’s Act 2004 (Part 2, Section 10)
  • Health and Social Care Act 2014 (Part 1, Section 3)
  • Care Act 2014 (Part 1, Section 7)
  • SEND Code of Practice (2014)

Data sharing

In order to meet the needs of children and young people with Special Educational Needs and/or Disabilities, Somerset Council works with a number of internal teams and external partners. In order to ensure that needs can be met, and positive outcomes achieved, it is sometimes necessary to share your personal data with our partners. Organisations we may share data with include:

  • Other council teams involved in improving outcomes for children and young people.
  • Commissioned providers delivering services on our behalf.
  • Schools, colleges and early years providers as well as wider education or training providers.
  • Partner organisations signed up to the Somerset Overarching Information Sharing Protocol (and related Tier 2 agreements), which include NHS organisations,
  • Somerset Clinical Commissioning Group, district councils, and the Police.
  • Other local authorities and social care or health providers outside of the Local Authority area.
  • Department of Education.
  • Providers of independent advice, guidance, mediation and advocacy.

When working to identify the setting to be named in a child or young person’s EHC Plan we will share information that we have gathered as part of a statutory needs assessment with providers who we feel may be suitable to meet the identified needs or for whom parents/carers have expressed a preference for.

Safeguarding – In cases where you or another member of the public may be at risk, your personal information will be shared as necessary in order to protect individuals from harm.

Other statutory obligations – The Council will share your personal information where we are legally obliged to do so – for example, for the prevention or detection of crime or fraud.

Data security

We have appropriate security measures in place to prevent personal information from being accidentally lost or misused. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. We have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are required to do so.

Your data will not be transferred abroad unless you are specifically informed at the point your data is collected.

Data Retention

Somerset Council will retain SEND pupil data for 34 years after the date of birth of the data subject. However, where information pertains to Children’s Social Care data, the retention may vary depending on the classification of the specific information (in some cases, DOB + 100 years).

Your Rights

Under the General Data Protection Regulation (GDPR) you have a number of rights in relation to the data we hold about you. These include the right to ask for a copy of your data, the right to rectify or erase your personal data, and the right to object to processing. However, these rights are only applicable if the Council has no other legal obligation concerning that data. Further information about your rights and how to exercise them can be found on our website – Your rights on the information we hold about you.

You also have the right to complain to the regulator (The Information Commissioner) and details can be found at The Information Commissioner website.

In some case if you do not supply your information to us, we will not be able to provide you with the services we are obliged to provide by law or any supplementary service you have asked for.

Last reviewed: April 19, 2023 by Ian

Next review due: October 19, 2023

Back to top