LV Care Group is wholly committed to complying with the Data Protection (Jersey) law 2018. Our policy is written with the aim of ensuring that all employees who have access to any client and staff data do so in a manner compliant with this legislation. Staff receive annual data protection training to ensure that they are aware of their professional responsibilities with regard to handling data.
This Data Protection Notice is part of LV Care Group’s ‘best practice’ approach to data protection. The Notice provides a concise statement of how we collect, use and disclose personal data and the rights of individuals.
At LV Care Group, we operate a transparent and clear policy to comply with data protection. In order for our data protection notice to be as accessible as possible, we include explanations of the terms used.
Data is information which is being processed about a living, identifiable person. Data must only be used for the reason that it was collected. Data is categorised as either personal or special. Personal data is any information referring to a data subject; examples include name, identification number, location data, date of birth. Special data is sensitive and examples include information about ethnicity, race, religious views. Neither of the examples for personal or special data are exhaustive. For the purpose of this notice, ’data’ refers to both personal and sensitive data.
An identifiable, living person, who can be identified either directly or indirectly.
Processing data refers to any operations being performed with personal data. This may include collecting, using, storing and disposing of the data.
A controller decides the purpose for which the data is processed, and how that data is processed. LV Care Group and its subsidiary companies act as a data controller for clients and staff. Other data controllers may include departments of the States of Jersey and GP surgeries.
Data processors are appointed by the data controller to carry out processing tasks on data. Examples include employing a processor to shred data, a company who creates our staff ID cards and departments of the States of Jersey. This list demonstrates examples and is not exhaustive.
At LV Care Group, we offer a wide range of care services within the Channel Islands. Your data is only handled by staff who need access to the information for a legitimate, operational need. Access to data is regularly audited by our Data Protection Officer.
We collect your personal data in a number of ways, for example:
For clients, your data is collected to ensure the best possible care is delivered. We only ever collect data which is relevant to an individual’s care. Staff data is collected only for employment purposes. The data is kept as accurately and up-to-date as possible. You add data to that we already have from you at any time.
Data is stored in compliance with legislation and best practice guidelines. Some data is stored electronically, whilst some data is stored in paper format, and locked away for safety. The software which is used to store data electronically will have been risk assessed by our Data Protection Officer prior to being used for the purposes of storing data. If you have concerns about where or how your data is stored, you can contact the LV Care Group Data Protection Officer to discuss further.
LV Care Group will always endeavour to obtain your permission to process your data prior to doing so. In some circumstances, such as employment and healthcare, we have a legal obligation to collect and process your data. We will only process data if there is a legitimate and necessary interest. Data handled by the LV Care Group will not be transferred or distributed outside of Jersey, unless there is a legitimate and/or justifiable reason to do so.
Data will only be shared with your consent. This consent will only be superseded in circumstances such as safeguarding and if there is a legal obligation.
Third parties who we share data with may include States of Jersey departments, GPs and other healthcare professionals. Although not a legal requirement, we endeavour to have Data Sharing Agreements with third parties, prior to sharing information. These agreements stipulate the responsibility of both parties with regards to information sharing.
Some of our processing duties are outsourced. For example, we employ companies to undertake the shredding of confidential documents, and we use computer software to process data. All third parties who carry out processing duties on our behalf will have signed a Data Processor Contract, outlining their responsibilities.
Data will be used to ensure that all clients and employees are kept safe, and receive the best personalised care possible. Staff data will be used to carry out terms of employment.
We will only retain data for as long as is necessary under law and best practice guidelines. For medical data, where there is not a legal stipulation, we follow guidance available by the Information Governance Alliance.
Under the Data Protection (Jersey) law 2018, you have the following data protection rights:
All of our clients will be asked to sign a Fair Processing Notice. This Notice explains what data we will be collecting, why we will be collecting it, who we will be sharing it with, and how long we will be keeping it for. Clients who cannot sign their own form can have their Notice signed by a next of kin/a person who has power of attorney/nominated person.
Staff will also be asked to sign a Fair Processing Notice which details what data we will be collecting, why we will be collecting it, who we will be sharing it with and how long we will be keeping it for.
Both clients and staff have the right not to sign a Fair Processing Notice, however in restricting our ability to collect and process data may restrict your care/employment opportunities.
Copies of the Fair Processing Notices can be gained from our Data Protection Officer.
The complaint will be investigated, and the relevant procedures will be followed. If we find that a serious data breach has occurred, we will report the breach to the Office of the Information Commissioner within 72 hours of being made aware of the breach. Minor breaches will be dealt with in-house. All breaches are appropriately documented.
Further information about Data Protection is available through the Office of the Information Commissioner: www.oicjersey.org
For further information on any aspect of Data Protection on this page, please contact our Data Protection Officer:
What are cookies?
A cookie is a text-only string of information that a website transfers to your computer via the browser for either the essential functionality of that website or to improve the performance for the user. Cookies aren’t viruses and we cannot access or save any personal data on your computer when you accept them.
Why are cookies important?
These anonymous markers let us temporarily remember who you are, allowing us to make sure we give you the best user experience during every visit. No cookies used by this site are a threat to your privacy.
You can accept or decline cookies at any time by modifying the settings in your browser preferences. Please bear in mind that declining all cookies may prevent you from being able to use certain areas and functions of the site.