How we protect and store your information

We hold records about you (on paper and electronically) in a secure way. We only make them available to those who have a right to see them. 

We protect personal information in different ways including: 

  • pseudonymisation – using a different name to hide parts of your personal information. This means that someone outside of the council could work on your information on behalf of us without ever knowing it was yours 
  • access controls to systems and networks – stopping people who are not allowed to view your personal information from getting access to it 
  • training and awareness for staff – how to handle information, and how and when to report if something goes wrong 
  • regularly updating technology infrastructure – includes updating network, server, PC and mobile devices with the latest security updates 

Safeguarding

We have a statutory duty to ensure that we: 

  • safeguard and promote the welfare of children and young people  
  • protect adults at risk from abuse or the risk of abuse 

This includes key legislation from: 

  • the Children Act (1989) (2004) 
  • Working together to safeguard children (2015) 
  • No Secrets (2000) 
  • the Crime and Disorder Act (1998) 
  • the Health and Social Care Act (2012)  
  • the Care Act (2014) 

We have a duty to “take reasonable steps…to prevent children within their area suffering ill-treatment or neglect”. 

We must also promote adult’s well-being. Within this broad concept, the council must “have regard to the need to protect people from abuse and neglect”.  

Under section 42 of the Care Act 2014, if the council has reasonable cause to suspect an adult in its area is suffering or is at risk of abuse and neglect, and has needs which leave him or her unable to protect himself or herself, then it must ensure enquiries are made in order to decide what action (if any) should be taken, and by whom (the “duty to enquire”).  

Enquiries should be made by the most appropriate professional, and in some circumstances that will be a health professional. In discharging these duties, there are express reciprocal duties to co-operate on local authorities and their “relevant partners”, and that category includes all clinical commissioning groups (CCGs) and health trusts in the council’s area. 

We may share information without consent if, in our judgement, a lack of consent can be overridden in the public interest and we consider the safety and well-being of the person and others who may be affected requires this. 

Public interest examples include: 

  • when there is evidence or reasonable cause to believe that an adult or child is at risk of suffering or serious harm 
  • to prevent an adult from harming someone else 
  • the promotion of the welfare of an adult or child 
  • detecting crime 
  • apprehending offenders 
  • maintaining public safety 

Where your information is stored

Most personal information is stored on systems in the UK. However, there are some occasions where your information may leave the UK, either to get to another organisation or if it's stored in a system outside of the EU. 

We have additional protections on your information if it leaves the UK, from secure ways of transferring data to ensuring we have a robust contract in place with that third party. 

We take all practical steps to make sure your personal information is not sent to a country that is not seen as safe. 

If we need to send your information to an 'unsafe' location, we'll always seek advice from the Information Commissioner's Office (ICO)