Access to Employee Data - GDPR Policy

Angelic Healthcare aims to fully fulfil its obligations under the General Data Protection Regulation (GDPR).

Procedure

1     Under the GDPR, employees have the right to access their personal data and supplementary information. They are also allowed to be aware of and to verify the lawfulness of any data processing. Information will be provided without delay and at the latest within one month of receipt of a request.

2     Details of an employee’s personal data are available upon request in accordance with the principles of the GDPR (see paragraph 1, above).

3     With effect from 25 May 2018, when the GDPR comes/came into effect, personal data will only be kept for a legitimate purpose. It must also be relevant and limited to what is necessary and must be accurate and kept up to date. Furthermore, it will be processed securely, be lawful, fair and transparent and will only be stored for as long as is necessary.

4     Employees are required to read this information carefully and inform the Registered Manager at the earliest opportunity if they believe that any of their personal data are inaccurate or untrue, or if they are dissatisfied with the information in any way.

5     The GDPR gives data subjects the right to have access to their personal data on request at reasonable intervals. The organisation believes that complying with a request for a copy of the data annually will satisfy this requirement. Should employees wish to request access to their personal data, the request must be addressed to the Registered Manager. The request will be judged in the light of the nature of the personal data and the frequency with which they are updated. The employee will then be informed whether the request is to be granted. If it is, the information will be provided within one month of the date of the request.

6     In the event of a disagreement between an employee and the organisation regarding personal data, the matter should be taken up under the organisation’s formal grievance procedure. This does not negate the individual's right under the GDPR to complain to the supervisory authority (the Information Commissioner's Office (ICO).

Additional Clause(s)

Where employees make requests for their personal data which are manifestly unfounded or excessive, particularly when these are repetitive, a fee of £50.00 will be charged which must be paid to Angelic Healthcare before a copy of the personal data will be given. This fee is based on the administrative cost of providing the information. This should be done via email requesting for the information.

  1. In the interests of openness and fairness, the organisation will provide copies of personal records held manually to employees from April of each year.

  2. The procedure which applies to computerised data will apply to such manual files as well as to information held on mobile phones, websites and social media or captured through CCTV.

  3. As we are a domiciliary company, we have the logging in system to which you may be required to use your mobile to log in.

Note:

In the context of this organisation, personal data includes the following.

  • Names and addresses (with postcodes) *

  • Gender*

  • Marital status*

  • NHS numbers*

  • Email addresses*

  • Dates of birth*

  • Payroll numbers*

  • National Insurance numbers*

  • Tax, benefit or pension records*

  • Citizenship*

  • Biometrics*

  • Bank details*

  • DBS information

  • Family contact details (emergencies)*

  • Any other personal details i.e., GP details etc*

I confirm that I have read and understood the information listed and agree to the conditions as stated.