WRaPT Fair Processing Notice
In order to meet the challenge of providing effective and meaningful workforce planning the WRaPT Team collect and process a range of information relating to a wide variety of organisations across the health and social care economy. Some of the data is personal, related to individuals working for health and social care organisations.
The data we hold
WRaPT stores data relating to staff roles such as contractual hours and salary as well as some protected characteristics including: gender, year of birth, religion, ethnicity, sexual preference and disability status.
We do not collect names or National Insurance numbers however we do collect a unique identifier, usually an assignment number. We use this to create a pseudonym identifier for each record. Doing this reduces the risk of individuals being identified from the data whilst allowing us to fulfil our responsibilities to data subjects and partner organisations.
Where does the information come from?
All the data we use comes from our partner organisations in the health and social care economy – in most cases your employer. They are responsible for ensuring that the data we have is accurate and limited to only the required fields.
What do we use the information for?
The data is used to create scenario models based on workforce, activity or efficiency changes. It is also used to create workforce baselines and equality impact assessments by analysing the protected characteristics. This allows workforce planners to ensure that changes do not adversely affect any particular group.
We take our duty to protect personal information and confidentiality very seriously and we are committed to taking all reasonable measures to ensure the confidentiality and security of personal data for which we are responsible. The Principles of The Data Protection Act 1998, as set out below are fully endorsed by the WRaPT Team.
The eight principles require that personal information:
- Shall be processed fairly and lawfully and, in particular, shall not be processed unless specific conditions are met.
- Shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes.
- Shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed
- Shall be accurate and, where necessary, kept up to date
- Shall not be kept for longer than is necessary for the specified purpose(s)
- Shall be processed in accordance with the rights of data subjects under the Act
- Should be subject to appropriate technical and organisational measures to prevent the unauthorised or unlawful processing of personal data, or the accidental loss, destruction, or damage to personal data
- Shall not be transferred to a country or territory outside the European economic area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.
Access to your personal information
You are entitled to obtain a copy of the personal information held about you by the WRaPT Team. Any request to access or obtain a copy of this information will be considered under Section 7 of the Data Protection Act.
To make a request for personal information, email WRaPT@lancashirecare.nhs.uk or write to:
Lancashire Care NHS Foundation Trust