Child in Care Privacy Notice (including Placements and Residential)

Purpose of collecting this information

We collect personal information via:

  • secure records databases managed by Birmingham Children’s Trust
  • face to face
  • telephone
  • undertaking assessments
  • email and letter
  • identity documents (birth certificate, driving licence)
  • insurance documents
  • placement requests
  • third parties

This data is used to deliver a range of services and to facilitate direct care for our children in need of care.

The information is necessary to provide the right service where it is needed to fulfil children and young people’s mental, physical, social, emotional, and care needs.

We rely upon the following laws to process your personal data:

  • Sufficiency – Statutory guidance on securing sufficient accommodation for looked after children. This is a specific duty under the Children Act 1989.
  • Adoption and Children Act 2002.
  • Children Act 1989.
  • Children (Leaving Care) 2000.
  • Children and Adoption Act 2006.
  • Children and Families Act 2014.
  • Children and Young Persons Act 2008.
  • The Children’s Homes (England) Regulations 2015.
  • Children and Social Work Act 2017.

The categories of personal information that we process includes:

  • personal information (such as name, date of birth and address)
  • characteristics (such as sex, ethnicity and disability)
  • episodes of previous involvement (referral information, assessment information, Section 47 information, Child Protection Conference information, Child Protection Plan information, and Children in Need Plan information)
  • episodes of being looked after (such as important dates, information on placements)
  • outcomes for looked after children (such as whether health and dental assessments are up to date, strengths and difficulties questionnaire scores and offending)
  • adoptions (such as dates of key court orders and decisions)
  • new provider/new address following a matching exercise, if a new provider or a new address a due diligence is undertaken. This is kept in the intelligence log on Trust Network. This data is collected directly from the providers, or other Local Authorities.
  • police checks undertaken on any business owner as a part of safeguarding and financial solvency. This data is be collected from third parties
  • payment – Financial information is collected for making payments to providers. This data is collected directly from the providers as well as third parties.
  • some health information – such as any additional needs or medical information that may be needed to support in a child/young person’s care.
  • family information – some details about close or extended family members to ensure that family links are maintained appropriately while a child is in the care of the Trust.

Why we collect and use this information

We use this personal data to:

  1. support these children and monitor their progress
  2. provide them with pastoral care
  3. assess the quality of our services
  4. evaluate and improve our policies on children’s social care
  5. undertake any work that involves finding and placing a child/young person in a safe place to live. This includes externally commissioned
    • Foster Carers
    • Supported Accommodation for 16-17 year olds
    • Residential/Children’s Homes
    • Supported Lodging with host families.
    • Interface and communicate with SWs internally to find placements.
  6. Placement finding
  7. Placement commissioning
  8. Community complaints
  9. Residents’ complaints
  10. Quality Assurance, notification and feedback
  11. Monitoring and support to provider to ensure it meets Ofsted standards
  12. Advice on Planning application for providers
  13. Relationship building.

Under the UK General Data Protection Regulation (UK GDPR), the legal bases we rely on for processing personal information are:

under Article 6 (e) as a part of our duties, powers and responsibilities as a public authority

under Article 9 (h) for the provision of health and social care.

Do I have to provide this information and what will happen if I don’t?

Whilst the majority of children looked after information you provide to us is mandatory, some of it is provided to us on a voluntary basis. In order to comply with the data protection legislation, we will inform you whether you are required to provide certain information to us or if you have a choice in this.

When a child is received into the care of the Local Authority it is either due to:

  • parental agreement/request (so the parents volunteer their basic details)
  • safeguarding concerns (so agencies can share information about the family without their consent)

If we need to use your information for research or reports, your information will be anonymised and any information taken from notes (handwritten or typed) during any consultation sessions will be securely destroyed. The information will continue to be used in a summarised and anonymised form in any research reports or papers that are published. The anonymised information in the papers may be of historic interest and may be held in public archives indefinitely.

Storing personal data

We hold data securely for the set amount of time shown in our data retention schedule. We use Eclipse as a case management system and also the West Midlands Placement Portal to store the personal data, as well as Microsoft Office suite, and secure shared drives.

How long will we hold your personal data?

We will retain your personal data for only as long as is necessary, and in line with our organisation’s record retention schedules.

Who is the data shared with?

  • Relevant social work team
  • Care Placement Providers
  • Finance
  • Accreditors (of specific service)
  • Ofsted
  • Department for Education
  • Local Authorities and other regional providers

We do not share information about our children in care with anyone without consent unless the law and our policies allow us to do so. The Department for Education (DfE) collects personal data from educational settings, children’s trusts and local authorities via various statutory data collections. We are required to share information about our children in need and children looked after with the Department for Education (DfE) for the purpose of those data collections

We share children in care’s with the Department for Education (DfE) on a statutory basis, under Section 83 of 1989 Children’s Act, http://www.legislation.gov.uk/ukpga/2008/23/section/7 and also under section 3 of The Education (Information About Individual Pupils) (England) Regulations 2013

All data is transferred securely and held by the Department for Education (DfE) under a combination of software and hardware controls which meet the current government security policy framework.

For more information, please see ‘How Government uses your data’ section. For privacy information on the data the Department for Education collects and uses, please see:

https://www.gov.uk/government/publications/privacy-information-children-and-young-people-under-18/privacy-information-children-and-young-people-under-18

The data that we lawfully share with the Department for Education (DfE) through data collections helps to:

  • develop national policies
  • manage local authority performance
  • administer and allocate funding
  • identify and encourage good practice

Sharing data with DWP

When a parent or carer in receipts of benefits has a child taken into care we need to inform the Department of Work and Pensions as part of our part of our duties, powers and responsibilities as a public authority under Article 6, part e of the General Data Protection Regulation.

When we share your information between ourselves and the DWP, we will only do this to aid the prevention of fraud, when doing so we rely on the following legislation:

Sharing with other Public Authorities

When we share information with other public authorities we do so as part of our duties, powers and responsibilities as a public authority under Article 6 (e) under UK General Data Protection Regulation in order for us to safeguard and promote the welfare of children as outlined under section 10 and 11 of the Children Act 2004.

We do not share information about our children in need or children looked after with anyone without explicit consent unless doing so in order to perform a public task, the legislation or our policies allow us to do so.

Sharing by the Department for Education (DfE)

DfE will only share pupils’ personal data where it is lawful, secure and ethical to do so. Where these conditions are met, the law allows DfE to share pupils’ personal data with certain third parties, including:

  • schools and local authorities
  • researchers
  • organisations connected with promoting the education or wellbeing of children in England
  • other government departments and agencies
  • organisations fighting or identifying crime

For more information about the Department for Education’s (DfE) NPD data sharing process, please visit: https://www.gov.uk/data-protection-how-we-collect-and-share-research-data

Organisations fighting or identifying crime may use their legal powers to contact the Department for Education (DfE) to request access to individual level information relevant to detecting that crime. 

For information about which organisations the Department for Education (DfE) has provided pupil information, (and for which project) or to access a monthly breakdown of data share volumes with Home Office and the Police please visit the following website: https://www.gov.uk/government/publications/dfe-external-data-shares

How to find out what personal information the Department for Education (DfE) holds about you

Under the terms of the UK GDPR, you’re entitled to ask the Department for Education (DfE):

  • if they are processing your personal data
  • for a description of the data they hold about you
  • the reasons they’re holding it and any recipient it may be disclosed to
  • for a copy of your personal data and any details of its source

If you want to see the personal data held about you by the Department for Education (DfE), you should make a ‘subject access request’.  Further information on how to do this can be found within the Department for Education’s (DfE) personal information charter that is published at the address below:

https://www.gov.uk/government/organisations/department-for-education/about/personal-information-charter

or

https://www.gov.uk/government/publications/requesting-your-personal-information/requesting-your-personal-information#your-rights

To contact the Department for Education (DfE): https://www.gov.uk/contact-dfe

Exercising your rights

Under the Data Protection Act 2018 and the EU General Data Protection Regulations you have the following rights:

  • The right of access to your own personal data.
  • The right to request rectification or deletion of your personal data.
  • The right to object to the processing of your personal data.
  • The right to request a copy of the information you provide us in machine readable format.
  • The right to withdraw your consent to any processing that is solely reliant upon your consent.

Should you wish to exercise any of your rights, you should contact the Data Protection Officer.

There are legitimate reasons why we may refuse your information rights request, which depends on why we are processing it. For example, some rights will not apply:

  • right to erasure does not apply when the lawful basis for processing is legal obligation or public task.
  • right to portability does not apply when the lawful basis for processing is legal obligation, vital interests, public task or legitimate interests.
  • right to object does not apply when the lawful basis for processing is contract, legal obligation or vital interests. And if the lawful basis is consent, you don’t haven’t the right to object, but you have the right to withdraw consent.

If you have a concern about the way we are collecting or using your personal data, you should raise your concern with us in the first instance or directly to the Information Commissioner’s Office at raise a concern with ICO

For further information on how to request access to personal information held centrally by the Department for Education (DfE), please see the ‘How Government uses your data’ section of this notice.

Automated decisions

No automated decisions are made using the personal data provided as part of Looked After Children proceedings.

Withdrawal of consent and the right to lodge a complaint

Where we are processing your personal data with your consent, you have the right to withdraw that consent.

If you change your mind about consenting to use of your personal data, please contact DPO@birminghamchildrenstrust.co.uk

If you are unhappy with our use of your personal data, please let us know by contacting CustomerRelations@birminghamchildrenstrust.co.uk