Data Protection Guidelines
The Data Protection Act controls how personal information is used by organisations, businesses or the government.
Everyone who is responsible for using data has to follow strict rules called ‘data protection principles’ and make sure the information is:
1 used fairly and lawfully,
2 used for limited, specifically stated purposes,
3 used in a way that is adequate, relevant and not excessive,
5 kept for no longer than is absolutely necessary,
6 handled according to people’s data protection rights,
7 kept safe and secure,
8 not transferred outside the UK without adequate protection.
Most of the personal information regarding residents of the CUC almshouses will be held by Hundred Street Housing (HHS) under their current Data Protection Policy.
A limited amount of personal information is collected and stored by Visiting Trustees and shared with the Almshouse Trustee. Some may be passed on to HHS. It is the Visiting Trustee’s responsibility to take great care of this data, whether they store it in a computer, a paper file or a notebook, to make sure that it is up to date, and to destroy it when it is no longer needed.
Information is initially collected in person, when the Visiting Trustee makes the first visit soon after the resident moves in. This means that it can be clearly explained face-to-face why the data is needed, how it will be stored and who will have access to it.
Updated March 2016