Upgrade to Chrome Upgrade to Firefox Upgrade to Internet Explorer Upgrade to Safari

Iris Care Group is an independent social care, healthcare, and specialist education provider, employing over 1,600 employees covering a range of expertise and specialisms.

This privacy notice applies to Iris Care Group and its subsidiary services.

What is a Privacy Notice?

A Privacy Notice is a statement by Iris Care Group that advises the people we support, visitors, carers, public and staff how we collect, use, retain and disclose personal information which we hold. This privacy notice is part of our commitment to ensure that we process personal information/data fairly and lawfully.

Why issue a Privacy Notice?

Iris Care Group recognises the importance of protecting personal and confidential information in all that we do and takes care to meet its legal and regulatory duties. This notice is one of the ways we can demonstrate our commitment to being transparent.

This notice also explains what rights you have to control how we use your information.

How is information retained and kept safe?

To make sure your personal information is protected, we have a series of technical and administrative measures in place. Access is limited to only those who need access to it to provide services to you.

Information is retained in secure electronic and paper records and access is restricted to only those who need to know.

All members of staff are required to undertake annual data protection and confidentiality training and our privacy and security guidelines are communicated to all employees.

It is important that information is kept safe and secure, to protect your confidentiality. Our guiding principle is that we are holding your information in strict confidence.

Accuracy and retention of personal information

Iris Care Group makes it easy for you to keep your personal information accurate, complete, and up to date. If any of your information changes please let us know so that we can update our records.

All records are destroyed in accordance with the Iris Care Group Schedule, which sets out the appropriate length of time each type of record is retained.

Can I access my information?

You are entitled to request access to your information, with some exemptions. For more information on how to access the information we hold about you please contact us at the address below.

Privacy questions

If you have any questions or concerns about this Privacy Notice or how we process your information or if you would like to make a complaint about a possible data breach please contact us:

Data Protection Officer
Iris Care Group
Unit 1, Castleton Court, St Mellons, Cardiff
CF3 0LT
dpo@iriscaregroup.co.uk

 

We take data security extremely seriously and all such communications are examined, and replies issued where appropriate as soon as possible. If you are unsatisfied with the reply you receive, you may refer your complaint to the Information Commissioner’s Office (ico.org.uk)

 

Why and how we collect information about the people we support.

 

We may ask for or hold personal confidential information which will be used to support delivery of appropriate care and treatment. This is to support the provision of high-quality care. These records may include:

  • personal information (such as name, address, date of birth, NHS number, NI number, next of kin)
  • characteristics (such as ethnicity, language, nationality, country of birth)
  • personal sensitive information (such as sexuality, religion, or beliefs, and whether you have a disability, allergies, or health conditions)
  • safeguarding Information
  • contact we have had (such as appointments and home visits)
  • details of diagnosis, treatment, and care (including notes and reports about your health and well-being)
  • information from people who care for you and know you well (such as health professionals and relatives)
  • CCTV footage
  • For students in our education settings, we also hold attendance information (such as sessions attended, number of absences and absence reasons)

 

You are not required to provide the personal information that we may request, but it is important for us to have a complete picture of you, as this information assists staff involved to deliver and provide improved care and appropriate treatment plans to fully meet your needs.

Information is collected in several ways: referral from your commissioning team, from the service you may currently be using, and details from your GP, a relative or directly given by you.

How we use your information

  • to help inform decisions that we make about your care and or/education.
  • to ensure that your treatment is safe and effective.
  • to work effectively with other organisations who may be involved in your care.
  • to ensure our services can meet future needs.
  • to review care provided to ensure it is of the highest standard possible.
  • To ensure you are kept safe.
  • additionally, for our students we use this data:
    • to support learning
    • to monitor and report on progress.
    • to provide appropriate pastoral care

 

Where an individual we are supporting is under the age of 18 the majority of information provided to us is mandatory, some of it can be provided to us on a voluntary basis. In order to comply with the law, we will inform you whether you are required to provide certain information to us or if you have a choice in this.

 

Who will the information be shared with?

We will only share your personal information with third parties where you have given your consent.

Where there are issues or concerns like the health and safety of yourself or others, we may be legally required to share your  information with statutory organisations such as the Police and the Courts.

We will normally share information about you with other health and social care professionals so that you may receive the best quality care:

  • NHS Trusts, hospitals, and other bodies involved in your care.
  • General Practitioners (GPs)

 

You may be receiving care from other people, for example Social Care Services. We may need to share some information about you with them so we can all work together for your benefit, if they have a genuine need for it or we have your permission. Therefore, we may also share your information with:

  • social care services
  • education services
  • local authorities
  • external regulators (including Care Quality Commission, Care inspectorate Wales, Hospital Inspectorate Wales, and Estyn)
  • safeguarding teams
  • voluntary and private sector providers working with Iris Care Group
  • services that you may use after leaving us.

 

Personal information may also need to be shared with third parties to make arrangements for the funding and/or payment of services received.

Our education settings also share data with the Department for Education (DfE) and Estyn on a statutory basis. This data sharing underpins funding and educational attainment policy and monitoring.

 

Why and how we collect personal information about staff.

You may be asked to provide your personal information at any time. We may combine it with other information to provide and improve our services as an employer. You are not required to provide the personal information that we may request, but, if you chose not to do so, in many cases we will not be able to provide you with a job.

Why and how we collect information.

Here are some examples of the types of personal information we may collect and how we may use it:

  • personal information (such as name, address, date of birth, next of kin)
  • contact information (such as telephone number, email address)
  • characteristics (such as ethnicity, language, nationality, country of birth)
  • personal sensitive information (such as sexuality, religion or beliefs, trade union membership, and whether you have a disability, allergies, or health conditions)
  • Disclosure and Barring Service Information (including Enhanced DBS details)
  • identifiers (such as Online identifier, Biometric details, social media identifiers, National insurance number, bank details)
  • CCTV footage

 

When you apply for a position we will record your details including your name, postal address, telephone number, email address, educational and work history, referees, and contact preferences.

Before your appointment, all required right to work checks and a check with the Disclosure and Barring Service will be carried out. Details of these checks (or the results from them) will be retained on your HR record.

If you are successful in being appointed, and during your employment with us, we will retain your full employment record which will include your name, postal address, telephone number, email address, details of your next of kin, bank details (for the purposes of payments), educational and work history, training, appraisals, copies of any complaints, disciplinary or safeguarding matters.

How we use your personal information

The personal information we collect and store about you allows us to facilitate the employment relationship we have with you.

Your personal information may be shared with various departments across the group including:

  • Payroll
  • Learning and Development
  • Human Resources
  • Information Technology

Who we share your information with

We will only share your personal information with third parties where you have given your consent, or where there are issues or concerns like the health and safety of yourself or others, or where there is a legal requirement or responsibility to share the information.

Where necessary, we routinely share limited personal formation with the following:

  • HMRC
  • Pension providers
  • External Regulators (including Care Quality commission, Care inspectorate Wales, and Hospital Inspectorate Wales)
  • Disclosure and Barring Service
  • Training partners
  • Approved suppliers of products and services for staff

Talk to the Iris Care Group team

If you have any questions about our services including how to make a referral or the career opportunities with Iris Care Group please complete our Get in Touch form.

Contact Us