Data Protection Policy

Policy Statement

Woodlands & Hill Brow believes that all records required for the protection of its residents and for the effective and efficient running of its care service should be collected, maintained and kept according to the Data Protection Act 1998.

The company adheres fully to Outcome 21: Records of the Care Quality Commission Guidance about Compliance: Essential Standards of Quality and Safety, which relates to the extent to which the rights and best interests of residents are safeguarded by the care service keeping accurate and up-to-date records.

The care service is required to be registered under the Data Protection Act 1998 and all storage and processing of personal data held in manual records and on computers in the care service must comply with the Act. The care service understands that, according to the Data Protection Act 1998, personal data should:

  1.  be obtained fairly and lawfully
  2.  be held for specified and lawful purposes
  3.  be processed in accordance with the person’s rights under the Data Protection Act
  4.  be adequate, relevant and not excessive in relation to that purpose
  5.  be kept accurate and up to date
  6.  not be kept for longer than is necessary for its given purpose
  7.  be subject to appropriate safeguards against unauthorised use, loss or damage
  8.  be transferred outside the European Economic Area only if the recipient country has adequate data protection.


All new staff must read and understand the policies on data protection and confidentiality as part of their induction process. Existing staff receive training covering basic information about confidentiality, data protection and access to records.

Training in the correct method for entering information in residents’ records is given to all care staff.  All staff who need to use the computer system are thoroughly trained in its use.


Signed: _____________________________
Date: _____________________________
Policy review date: _____________________________