Fair Processing Notice

We have put together some information on what personal data is held and processed, for what purpose it is processed, who it is shared with and the governance arrangements in place for that process.

We would also like to inform individuals on:

  • Which is the organisation sharing their information (e.g. WFCCG)
  • Why information about them is being recorded (e.g. patient records)
  • How their records are being used (e.g. supporting their healthcare management)
  • Security arrangements in place to protect their information (e.g. anonymised data)
  • How they can access the information the organisation holds on them

This is therefore the means by which we inform people ‘how we use your information’. It meets the Data Protection Act requirement for organisations to be transparent about how they intend to use individual’s data.

“This CCG is required by law to protect the public funds it administers. It may share information provided to it with other bodies responsible for; auditing, or administering public funds, or where undertaking a public function, in order to prevent and detect fraud.

The Cabinet Office is responsible for carrying out data matching exercises. Data matching involves comparing computer records held by one body against other computer records held by the same or another body to see how far they match. This is usually personal information. Computerised data matching allows potentially fraudulent claims and payments to be identified. Where a match is found it may indicate that there is an inconsistency which requires further investigation. No assumption can be made as to whether there is fraud, error or other explanation until an investigation is carried out.

We participate in the Cabinet Office’s National Fraud Initiative: a data matching exercise to assist in the prevention and detection of fraud. We are required to provide particular sets of data to the Minister for the Cabinet Office for matching for each exercise, as detailed here. The use of data by the Cabinet Office in a data matching exercise is carried out with statutory authority under Part 6 of the Local Audit and Accountability Act 2014. It does not require the consent of the individuals concerned under the Data Protection Act 1998. Data matching by the Cabinet Office is subject to a Code of Practice.

View further information on the Cabinet Office’s legal powers and the reasons why it matches particular information. For further information on data matching at this CCG, contact Gemma Higginson on gemma.higginson@nhs.net