FULL PRIVACY NOTICE
December 2009
USING YOUR PERSONAL DATA
As a Local Authority, Birmingham City Council collect, holds and processes a considerable
amount of information, including personal information about the citizens it serves, to allow it to
provide services effectively.
The Council recognises that this information is important to the citizens and that it is
responsible to the citizens for the information it holds about them. As such, it takes seriously
its responsibilities to ensure that any personal information it collects and uses is done so
proportionately, correctly and safely.
For information about what is personal data please see the Information Commissioner’s web
si
te: www.ico.gov.uk
The Council collects, holds and uses personal data to allow it to provide services on behalf of
the citizens of the City of Birmingham. These services include, amongst others, providing
schools and educational facilities within the city; providing care and support for vulnerable
individuals and their families; maintaining and improving the environment of the city and
protecting the citizens generally.
For more detailed information as to the services provided by the Council, please see
www.birmingham.gov.uk
In deciding what personal data to collect, hold and use, the Council is committed to ensuring
that it will :-
• recognise that any personal data handled by Birmingham City Council is held on
behalf of that person and that we ensure we respect that responsibility;
• adopt and maintain high standards in respect of the handling and use of that personal
data;
• only collect, hold and use personal data where it is necessary and proportionate to do
so;
• securely delete any personal data when no longer needed;
• keep your personal data secure and safe;
• not unnecessarily and without good reason, infringe the privacy of the citizens of
Birmingham;
• consider and address the privacy risks first when planning to use or hold personal
information in new ways, such as when introducing new systems;
• be open with individuals about how we use their information and who we give it to;
• make it easy for individuals to access and correct their personal information;
• ensure that there is effective safeguards and systems in place to make sure personal
information is kept securely and does not fall into the wrong hands;
• provide training to staff who handle personal information and treat it as a disciplinary
matter if they misuse or don’t look after personal information properly;
• put appropriate financial and human resources into looking after personal information
to make sure we can live up to our promises;
• regularly check that we are living up to our promises and report on how we are doing.
The Council may disclose personal data to third parties, but only where it is necessary, either
to comply with a legal obligation, or where permitted under the Data Protection Act, e.g.
where the disclosure is necessary for the purposes of the prevention and/or detection of
crime, or where it is necessary to allow a third party working for or on behalf of the Council.
The Council will strive to ensure that any personal data in its care will be kept safe and that
where your information is disclosed to a third party, Birmingham City Council will seek to
ensure that the third party has sufficient systems and procedures in place to prevent the loss
of personal data.
Where the Council seeks to disclose sensitive personal data, such as medical details, to third
parties, we will do so only with your prior express consent or where we are legally required to
do.
Birmingham City Council will use your personal data for a limited number of purposes, and at
all times within the rules set out in the Data Protection Act 1998.
We will process personal data for the following purposes:-
1.
for the purpose to which you provided the information. e.g. processing
information given on a benefit claim form for the purpose of processing your
benefit claim, and to monitor the Council’s performance in responding to your
request;
2.
to allow the Council to be able to communicate and provide services appropriate
to your needs, e.g. to be able to arrange suitable access arrangements where the
citizen has mobility difficulties.
3.
to ensure that the council meets its legal requirements, including obligations
imposed under Equality Legislation and Health and Safety Acts;
4.
where necessary for the Council’s Law Enforcement functions, e.g. licensing,
planning enforcement, trading standards, food safety, etc, where Birmingham City
Council is legally obliged to undertake such processing;
5.
where the processing is necessary for Birmingham City Council to comply with its
legal obligations, e.g. the prevention and/or detection of crime.
6.
to process financial transactions including grants, payments and benefits
involving Birmingham City Council, or where Birmingham City Council is acting
on behalf of other government bodies, e.g. Department for Works and Pensions;
7.
where you have consented to the processing;
8.
where necessary to protect individuals from harm or injury; or
9.
where otherwise permitted under the Data Protection Act 1998, e.g. disclosure to
comply with legal obligations. For further information on the Data Protection Act
see www.ico.gov.uk
Birmingham City Council may also use your personal data, after it has been anonymised, to
allow the statistical analysis of data to allow the Council to effective target and plan the
provision of services.
SINGLE CUSTOMER RECORD
Birmingham City Council is working on improving how it provides services to the citizens of
Birmingham.
In order to assist the Council in providing relevant services more quickly when required, and
in an effective and efficient manner, it is creating an information hub.
The information hub will contain a single customer record, comprising of your name, address,
date of birth and gender, together with some information which can be used to confirm your
identity. It is envisaged that the single customer record will record a brief summary of your
contact with the Council, e.g. that you called the Council about a missed bin collection.
The Single Customer Record will not contain extensive details of the services you have
received. However, the single customer record will also act as an index to other council
databases, but will be able to feed information into a number of council systems, including:-
Libraries Waste
Management
Leisure
services Trading
Standards
Adult
Social
Care
Corporate
Finance
Benefits
Council
Tax;
To do this, the Information hub will take your name, address, date of birth and gender from
the above council systems to create the single customer record.
This list is continuingly being updated, and an up-to-date list is available on Birmingham City
Council’s web site.
This will allow you to notify the Council once and have that information feed into a number of
Council systems, e.g. where you change your address, so that rather than you having to
notify each individual Council department of the change of address, by reporting the change
of address to one Council department, a number of Council departments will be notified.
However, this will only be done with your express consent.
The Single Customer Record will also allow the council to respond to any queries you may
have in respect of the provision of services more quickly and efficiently. By linking into a
number of Council systems, any query or issue can be investigated more quickly. However,
any access to such Council systems will only take place in response to any query or
instruction received by yourself, and only where such access is necessary to answer or
respond to the query or issue raised by yourself.
CHILDREN’S DATA GENERALLY
The Council provides a number of services to children, from leisure and cultural services to
education and child care services, which requires it to process children’s data.
The Council will create and hold a Single Customer Record for children. For children under
the age of 12 or where it is believed that the child does not understand what he/she is
consenting to, this will normally require the consent of a child’s parent or guardian to allow the
Council to process this data.
For young people aged between 12 and 16, we will accept their consent, without requiring the
consent of their parent or guardian, as being valid in respect of the use, processing and
sharing of less sensitive information, e.g. registering for culture events and activities. Clearly,
the decision as to whether a child has the capacity to give valid informed consent will require
the consideration of additional factors and, in some cases, professional judgement. These
considerations will include:
• Cases of anti social behaviour involving children
• Vulnerable or ‘at risk’ children
• Mental health or other incapacity issues
• Ability to pay for services, such as leisure activities
• Health and safety considerations, for example, agreement from parents to participate
in activities that require the provision of further information, e.g. medical issues,
disability, etc.,
For individuals over 16, we will accept their consent as being valid in respect of the use,
processing and sharing of all their personal data.
For further information, please see the council’s guidance note on the use of children’s
personal data.
DATA MATCHING
Data Matching involves comparing computer records held by one body against other
computer records held by the same or another body to see how far they match. This is usually
personal information.
Birmingham City Council undertakes Data Matching, where necessary, for a number of
purposes, to comply with legal requirements placed on the Council.
These include to:
1.
detect and prevent crime / fraud; and
2.
assist in Emergency response management.
DETECT AND PREVENT CRIME / FRAUD
Birmingham City Council is required by law to protect the public funds it administers. We
process and share the information provided to us for the following purposes:-
Council employee Payroll
Electoral Register
Council employee Pensions
Student Loans
Housing
Supported Care (Home Residents and
Care Home Residents)
Transport passes, including residents’
Insurance Claimants
parking and blue badges
Housing
and
Council
Tax
Benefits
Licences, e.g. market trader/ operator,
taxi driver and (new) personal licences
Council Tax
to supply alcohol.
Leisure
Property (Planning, Business Rates)
Libraries
to prevent and/or detect potential fraud and crime, by both conducting our own Data Matching
as well as sharing this information with other public bodies, such as; the Audit Commission,
the Department for Work and Pensions, other Local Authorities Revenues and Customs and
the Police.
The Audit Commission appoints an auditor to audit the accounts of Birmingham City Council,
and also conducts its own data matching exercise.
Computerised data matching allows potentially fraudulent claims, transactions, applications
and payments to be identified. Where a match is found and two or more records have
contradictory or conflicting information, the inconsistency will require further investigation. No
assumption can be made as to whether there is fraud, error or other explanation until an
investigation is carried out. Regardless, the data matching process is a proven way of helping
to ensure that records are up to date and accurate.
The Audit Commission currently requires local authorities to participate in a data matching
exercise to assist in the prevention and/or detection of fraud. We are legally required to
provide particular sets of Data to the Audit Commission for matching for each exercise, and
these are set out in the Audit Commission’s guidance which is located at
www.audit-
commission.gov.uk/nfi
The use of data by the Audit Commission in a data matching exercise is carried out with
statutory authority under its powers in Part 2A of the Audit Commission Act 1998. It does not
require the consent of the individuals concerned under the Data Protection Act 1998.
Data Matching by the Audit Commission is subject to a Code of Practice. This may be found
at www.audit-commission.gov.uk/nfi/codeofdmp.asp
For further information on the Audit Commission’s legal powers and the reasons why it
matches particular inform
ation, see www.audit-commission.gov.uk/nfi/fptext.asp
For further information about data matching at Birmingham City Council, please contact either
Birmingham Audit
Email:
xxxxxxxxxxxxxxx@xxxxxxxxxx.xxx.xx
or the Corporate Information Governance Unit at 1st Floor, Lancaster Circus, Birmingham
Email:
xxx.xxxxxxx@xxxxxxxxxx.xxx.xx
Tel:
0121 303 4876
EMERGENCY RESPONSE MANAGEMENT
Data Matching may also be used to assist the Council in responding to emergencies or major
accidents, by allowing the Council, in conjunction with the emergency services, to identify
individuals who may need additional support in the event of e.g. an emergency evacuation.
In addition, further data matching may be undertaken on a directorate level. Please see the
respective directorate’s web site for any additional directorate specific privacy policies.
EQUALITIES
Birmingham City Council may use information about your ethnic background, first language,
gender, sexual orientation and age (“equalities data”) for the purposes of compiling statistical
data about the population of the city at large and the take up council services by various
groups, both to assist in complying with the race relations act and other equality legislation
and to assist the council in the effective planning and provision of future services.
Such statistical data or statistical analysis will not allow the identification of any specific
individual nor will it have any impact on any individual’s entitlement to council services and
facilities.
Such equalities data may also be used to allow the council to provide sufficient assistance
where required, e.g. to provide translation services or access facilities, e.g. induction hearing
loop, where appropriate.
YOUR RIGHTS
You have the right to request that Birmingham City Council cease processing your personal
data in relation to any Council service, including the Single Customer Record. Where
possible, Birmingham City Council will seek to comply with your request but there may be
some situations where it will not be able to do this, e.g. where Birmingham City Council is
required to hold or processing information to comply with a legal requirement. However, this
may cause delays or hinder the Council’s ability to provide services to you.
You are also legally entitled to request access to any records held by Birmingham City
Council about yourself, including the Single Customer Record. Again, Birmingham City
Council will seek to comply with your request but there may be some situations where it will
not be able to do this in full, e.g. where information held was given in confidence. For further
information about either requesting access to your personal data or to cease processing
personal data please contact the Council’s Corporate Information Governance Unit.
Whilst Birmingham City Council tries to ensure that any personal data it holds about you is
correct, there may be situations where the information it holds is no longer accurate. If this is
the case, please contact the department holding the information or the Corporate Data
Protection Unit so that any errors can be investigated and corrected.
Birmingham City Council will not use your personal data for third party marketing purposes
without your prior express consent.
It will not pass any personal data on to third parties, other than those who either process
information on our behalf or because of a legal requirement, and it will only do so, where
possible, after Birmingham City Council has ensured that sufficient steps have been taken to
protect the personal data by the recipient.
FURTHER INFORMATION
At all times, Birmingham City Council will comply with the legal requirements set out by the
Data Protection Act 1998 in relation to the collection, holding and processing of your personal
data.
If you would like to know more or have any concerns about how your information is being
processed please contact the Corporate Information Governance Unit.
If you require general information about the data protection act, information is available on the
information commissioner’s we
b site, www.ico.gov.uk,
CHANGES TO THIS PRIVACY NOTICE Birmingham City Council will continually review and update this privacy notice to reflect
changes in our services and feedback from service users, as well as to comply with changes
in the law. When such changes occur, we will revise the "last updated" date at the top of this
notice. If there are substantial changes to this statement or in how Birmingham City Council
will use your personal information, we will advertise the updated notice both on the front page
of the Birmingham City Council web site and in Council offices.
Birmingham City Council encourages you to periodically visit the Council’s web site to review
this notice and to be informed of how Birmingham City Council is protecting your information.
Document Outline
- FULL PRIVACY NOTICE
- December 2009
-
- USING YOUR PERSONAL DATA
-
- As a Local Authority, Birmingham City Council collect, holds and processes a considerable amount of information, including personal information about the citizens it serves, to allow it to provide services effectively.
-
- The Council recognises that this information is important to the citizens and that it is responsible to the citizens for the information it holds about them. As such, it takes seriously its responsibilities to ensure that any personal information it collects and uses is done so proportionately, correctly and safely.
-
- For information about what is personal data please see the Information Commissioner’s web site: www.ico.gov.uk
-
- The Council collects, holds and uses personal data to allow it to provide services on behalf of the citizens of the City of Birmingham. These services include, amongst others, providing schools and educational facilities within the city; providing care and support for vulnerable individuals and their families; maintaining and improving the environment of the city and protecting the citizens generally.
-
- For more detailed information as to the services provided by the Council, please see www.birmingham.gov.uk
-
- In deciding what personal data to collect, hold and use, the Council is committed to ensuring that it will :-
-
- adopt and maintain high standards in respect of the handling and use of that personal data;
- only collect, hold and use personal data where it is necessary and proportionate to do so;
- securely delete any personal data when no longer needed;
- keep your personal data secure and safe;
- not unnecessarily and without good reason, infringe the privacy of the citizens of Birmingham;
-
- The Council may disclose personal data to third parties, but only where it is necessary, either to comply with a legal obligation, or where permitted under the Data Protection Act, e.g. where the disclosure is necessary for the purposes of the prevention and/or detection of crime, or where it is necessary to allow a third party working for or on behalf of the Council.
-
- The Council will strive to ensure that any personal data in its care will be kept safe and that where your information is disclosed to a third party, Birmingham City Council will seek to ensure that the third party has sufficient systems and procedures in place to prevent the loss of personal data.
-
- Where the Council seeks to disclose sensitive personal data, such as medical details, to third parties, we will do so only with your prior express consent or where we are legally required to do.
-
- Birmingham City Council will use your personal data for a limited number of purposes, and at all times within the rules set out in the Data Protection Act 1998.
-
- We will process personal data for the following purposes:-
-
- 1. for the purpose to which you provided the information. e.g. processing information given on a benefit claim form for the purpose of processing your benefit claim, and to monitor the Council’s performance in responding to your request;
-
- 2. to allow the Council to be able to communicate and provide services appropriate to your needs, e.g. to be able to arrange suitable access arrangements where the citizen has mobility difficulties.
-
- 3. to ensure that the council meets its legal requirements, including obligations imposed under Equality Legislation and Health and Safety Acts;
-
- 4. where necessary for the Council’s Law Enforcement functions, e.g. licensing, planning enforcement, trading standards, food safety, etc, where Birmingham City Council is legally obliged to undertake such processing;
-
- 5. where the processing is necessary for Birmingham City Council to comply with its legal obligations, e.g. the prevention and/or detection of crime.
-
- 6. to process financial transactions including grants, payments and benefits involving Birmingham City Council, or where Birmingham City Council is acting on behalf of other government bodies, e.g. Department for Works and Pensions;
-
- 7. where you have consented to the processing;
-
- 8. where necessary to protect individuals from harm or injury; or
-
- 9. where otherwise permitted under the Data Protection Act 1998, e.g. disclosure to comply with legal obligations. For further information on the Data Protection Act see www.ico.gov.uk
-
- Birmingham City Council may also use your personal data, after it has been anonymised, to allow the statistical analysis of data to allow the Council to effective target and plan the provision of services.
-
-
-
- SINGLE CUSTOMER RECORD