Last updated: Tuesday, 4 August 2020
Please note: the following notice provides additional privacy information to the
Rochdale Borough Council privacy notice.
Our Public Health Team is responsible for protecting and improving the health of the population of Rochdale borough. We use personal data and information from a range of sources, including birth and death registrations, surveys and other information to produce statistics and reports to understand more about the health and care needs in Rochdale borough. We provide intelligence to support the council in protecting and improving the health of the population. We also use personal information to recognise trends, monitor and manage infectious diseases to help prevent them from spreading.
We're required to commission and manage services for the population, which include:
- Drug and alcohol treatment services
- Sexual health services
- Lifestyle and behaviour change services
- Cancer screening and registrations
- Other screening programmes
- Public health initiatives and campaigns
- Blood pressure status
- GP and hospital services
- NHS community services
- Mental health services
- Social care services
Who do we collect information about?
Personal information means data relating to a living individual who can be identified from the data, or from that data and other information held by the data controller. We collect and hold personal information for public health purposes about:
- Rochdale borough residents and visitors
- Births and deaths in the Rochdale borough
- People receiving health and care services in the Rochdale borough
- People who work or attend school in the Rochdale borough
- All people to whom we have a public health duty of care
What information do we collect?
Public Health collects different information for different reasons, from providing funding for services to producing statistics to prioritise activities and campaigns. Some examples of information that may be collected include:
- Name, age, marital status, address and contact details, including email address
- Date of birth or death
- Postcodes and electoral wards for the analysis of health inequalities
- Identifiers such as NHS Numbers
- Educational or employment data
- Health or medical records including disabilities, test and contact tracing results
- Workplace details
- Religion, ethnicity or nationality, sexuality, crime or offending information
When this information is used or shared, we ensure that individuals cannot be identified where this is not necessary. The information is anonymised or de-personalised so personal details are removed as soon as possible.
Where else do we get information from?
Data from other national and local NHS and local authority data services and organisations is shared with Public Health, in accordance with the Data Protection Act 1998. Examples include NHS Digital, Office for National Statistics and NHS Clinical Commissioning Groups.
What do we use the data for?
We use your personal information to:
- Identify priorities for action
- Inform decisions on (for example) the planning, design and commissioning of services
- Assess the performance of the local health and care systems and to evaluate and develop them
- Management of risks to public health and public protection
- Incident and outbreak management and control of infection
- Undertaking equity analysis of trends, particularly for vulnerable groups and deprived areas
- Maintaining accounts and records
- Reporting - summary statistics to national organisations
- Carrying out health and public awareness campaigns
- Provision of services focussed on individual and family health such as the NHS Health Check Programme and Immunisations
- Public health initiatives such as the National Child Measurement Programme, the 0-5 health service and school nursing services
- Provision of advice and support
- Undertaking or supporting investigations and clinical audits, for example, deaths from suicide
We also use the information to produce information for research and planning purposes, which include producing assessments of the health and care needs of the population, in particular to support the statutory responsibilities of the:
- Joint Strategic Needs Assessment (JSNA)
- Director of Public Health Annual report
- Health and Wellbeing Strategy
- Health Protection and Outbreak Control Plans
We’re required to comply with the Data Protection Act to ensure information is managed securely and this is reviewed every year as part of our Data Security and Protection Toolkit assessment. This ensures we operate at an adequate standard in relation to Data Protection, confidentiality and all other information governance areas such as the Caldicott principles.
Why we use your personal information
We're required by law to improve and protect health and wellbeing. This is detailed in legislation and guidance including:
- Public Health (Control of Disease) Act 1984
- Health Service (Control of Patient Information) Regulations 2002
- Statistics and Registration Service Act (2007)
- Health and Social Care Act (2012)
- The Health Protection (Coronavirus Restrictions) (No.2) (England) Regulations 2020
- Coronavirus Act 2020
We're allowed to process personal and sensitive data for the following reasons under the General Data Protection Regulation (GDPR) Articles and the Data Protection Act:
- For public tasks or statutory functions
- Where there is substantial public interest
- For reasons of public interest in the area of public health
Who we share your personal information with
We collect information from and disclose information to individuals and organisations that can support our work including:
- Customers and their families
- Health and healthcare organisations, for example, national and local NHS, Public Health England
- Partner agencies and service providers, for example, NHS Clinical Commissioning Groups
- Other public bodies and authorities, for example, Office for National Statistics]
- Council departments
Confidential public health data will only be shared once the necessary legal basis has been established and data protection safeguards have been verified, so that the data is managed and used under the same restrictions. Anyone who receives information from Rochdale Borough Council Public Health is also under a legal duty to keep it confidential.
How do we keep information secure?
We have safeguards in place to protect your information which include things like using secure email, training staff and having processes in place to make sure we only collect the information we need and no more and that it is kept only for as long as necessary.
We’re required to comply with the Data Protection Act to ensure information is managed securely and this is reviewed every year as part of our NHS Information Governance Toolkit assessment, which ensures we operate at an adequate standard in relation to Data Protection, confidentiality and all other information governance areas.
View our NHS Information Governance Toolkit assessment
When we make an automated decision about your personal information
This service doesn't make any decisions using computers or programmes that don't involve a human being when using your personal information.
How long we keep your personal information
We keep personal information collected as part of our processes for the length of time deemed necessary in national or local guidance for each data source.
When we transfer your personal information beyond the European Economic Area ('EEA')
This service doesn't transfer your information outside the EEA.
We do not routinely share data with any organisation outside the UK, but our website is available across the internet and we communicate with applicants and stakeholders wherever they are.