Privacy Notice – Family Safeguarding

Family Safeguarding

Data Controller – Somerset County Council – ICO Registration Z5957592

Data Protection Officer Contact – informationgovernance@somerset.gov.uk

The Family Safeguarding Service is a multi-agency approach to addressing factors within identified families which present safeguarding concerns. The service work to assess need and provide suitable intervention and support in order that care proceedings might be avoided. The types of data processed include:

Personal information (such as name, address, contact details, date of birth, parent/carer name(s) and contact details, gender, unique identification number, for example NHS Number).
Information about physical health, mental health and/or disability.
Information about family circumstances and behaviours.

Purposes for processing
We use your personal information to:

Examine the factors that have led to safeguarding concerns in relation to your family.
Identify harmful behaviours within the family and the impacts and risks they present.
Identify avenues of potential support and intervention to address the factors and behaviours.
Develop appropriate plans aimed at reducing the risks associated with identified factors and behaviours and reduce the likelihood of the removal of children from the family unit.

Legal basis for processing
We rely on the following provisions of the General Data Protection Regulation (GDPR) as the lawful bases for processing your personal data:

Article 6 1(c) – Legal obligation
Somerset County Council has a legal obligation to provide a number of functions and services and it is necessary to process your personal data in order to comply with these obligations.
Article 6 1(e) – Public task
Somerset County Council carries out a number of tasks in the public interest or in the exercise of official authority vested in us and it is necessary to process your personal data in order to undertake such tasks.

We rely on the following provision of the General Data Protection Regulation (GDPR) as the lawful basis for processing your special category data:

Article 9 2(g) – substantial public interest
In order to deliver some services it may be necessary to process data which is classed as special category. This is information about you which, due to the nature of it, is afforded additional protections under data protection law. This information may include details regarding health and disability.

Legislation to which our legal obligations and public tasks are related include:

Data Sharing Code of Practice (ICO 2012)
Children & Families Act 2014 (Part3)
Children’s Act 2004 (Part 2, Section 10)
Health and Social Care Act 2014 (Part 1, Section 3)
Care Act 2014 (Part 1, Section 7)

Data Sharing
In order to ensure that specific issues within families can be fully addressed and supported, Somerset County Council work with a range of public sector and contracted organisations in a multi-agency approach. Appropriate contractual arrangements and information sharing agreements are in place to ensure that all parties manage personal data and special category data in a manner compliant with current UK data protection legislation. In order to undertake this work, we may share your data with:

Health partners (NHS trusts, GP, Clinical Commissioning Group etc)
Turning Point (Drug and Alcohol Services)
The You Trust (Domestic Violence)

Safeguarding – In cases where you or another member of the public may be at risk, your personal information will be shared as necessary in order to protect individuals from harm.

Other statutory obligations – The Council will share your personal information where we are legally obliged to do so – for example, for the prevention or detection of crime or fraud.

Data Security
We have appropriate security measures in place to prevent personal information from being accidentally lost or misused. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. We have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are required to do so.

Your data will not be transferred abroad unless you are specifically informed at the point your data is collected.

Data Retention
Somerset County Council will retain data for a period of between 6 – 100 years, depending on category of involvement ranging from assessment to adoption.

Your Rights
Under the General Data Protection Regulation (GDPR) you have a number of rights in relation to the data we hold about you. These include the right to ask for a copy of your data, the right to rectify or erase your personal data, and the right to object to processing. However, these rights are only applicable if the Council has no other legal obligation concerning that data. Further information about your rights and how to exercise them can be found on our website.

You also have the right to complain to the regulator (The Information Commissioner) and you can find details on their website.

In some case if you do not supply your information to us, we will not be able to provide you with the services we are obliged to provide by law or any supplementary service you have asked for.