Confidentiality and Professional Integrity Policy
Procedure Number: 001
Confidentiality & Professional Integrity Policy
Date of Last Revision:
Date of Last Review:
Date of Next Review:
Betterweld and its training academy (BETTERWELD) needs to keep certain information about its employees, learners and other users to allow it to monitor performance, achievements, health and safety, etc. It is also necessary to process information so that staff can be recruited and paid, courses organised, and legal obligations to funding bodies and government complied with. To comply with the law, information must be collected and used fairly, stored safely and not disclosed to any other person unlawfully.
To do this the company must comply with the principles that are set out in the Data Protection Act 1998. In summary these state that personal data shall:
- Be obtained and processed fairly and lawfully and shall not be processed unless certain conditions are met.
- Be obtained for a specified and lawful purpose and shall not be processed in any manner incompatible with that purpose.
- Be adequate, relevant and not excessive for those purposes.
- Be accurate and kept up to date.
- Not be kept for longer than is necessary for that purpose.
- Be processed in accordance with the data subject’s rights.
- Be kept safe from unauthorised access, accidental loss or destruction.
- Not be transferred to a country outside the European Economic Area, unless that country has equivalent levels of protection for personal data.
- The company and all staff or others who process or use any personal information must ensure that they follow these principles at all times.
2.0 Notification of Data Held & Processed
All staff, learners and other users are entitled to:
- Know what information the company holds and processes about them and why
- Know how to gain access to it
- Know how to keep it up to date
- Know what the company is doing to comply with its obligations under the 1998 Act
3.0 Responsibilities of Employees
All employees are responsible for:
- Checking that any information that they provide the company in connection with their employment, is accurate and up to date
- Informing thecompany of any changes to information which they have already provided (e.g. changes of address, additional qualifications, etc.)
- Checking information issued by the company that gives details of information kept
- Informing the company of any errors or changes.
4.0 Data Security
All employees are responsible for ensuring that:
- Any personal data, which they hold, is kept securely
- Personal information is not disclosed whether orally or in writing or accidentally or otherwise to any unauthorised third party.
Employees should note that unauthorised disclosure will usually be a disciplinary matter, and may be considered gross misconduct in some cases.
Personal information should be:
- Kept in a locked filing cabinet; or
- In a locked drawer; or
- If it is computerised, be password protected; or kept only on disk which is itself, kept securely
5.0 Learner Obligations
Learners must ensure that all personal data provided to the company and BETTERWELD is accurate and up to date. They must ensure that changes of address, etc, are notified to the training academy manager in the first instance.
6.0 Rights to Access Information
Employees, learners and other users have the right to access any personal data that is being kept about them either on computer or in certain files.
Any learner who wishes to exercise this right should contact the Training Academy Manager.
Members of staff should contact the Training Academy Manager in writing.
The company and BETTERWELD aims to comply with requests for access to personal information as quickly as possible, but will ensure that it is provided within 21 days unless there is good reason for delay. In such cases, the reason for delay will be explained in writing to the data subject making the request.
7.0 Information Supplied to External Bodies
Details contained within a learner record will be passed to the central government departments and agencies, such as the Skills Funding Agency (SFA), which require them in order to carry out their statutory functions.
This data is used for a variety of purposes including the operation of the Further Education funding methodology whereby funds are distributed by the Skills Funding Agency to the company.
Under the Data Protection Act 1998, learners have the right to know what information is held about them by such agencies as the SFA. Learners should, in the first instance, contact the Training Academy Manager to discuss this matter.
8.0 Processing Sensitive Information
Sometimes it is necessary to process information about a person’s health, criminal convictions, race, gender and family details. This may be to ensure the learning environment is a safe place for everyone, or to operate other company policies such as the Equal Opportunities policy. As this information is considered sensitive, and it is recognised that the processing of it may cause particular concern or distress to individuals, employees and learners will be asked to give express consent for the company to do this. Offers of employment or course places may be withdrawn if an individual refuses to consent to this without good reason.
9.0 Employee Guidelines for Data Protection
All employees of the training academy will process data about learners on a regular basis, writing reports or as part of a pastoral or academic supervisory role. The company will ensure throughout registration procedures, that all learners give their consent to this sort of processing, and are notified of the categories of processing, as required by the 1998 Act.
The information that employees deal with on a day-to-day basis will be ‘standard’ and will cover categories such as:
- General personal details such as name and address
- Details about attendance, course work marks and grades and associated comments
- Notes of personal supervision and assessment
- Recording of information regarding a student’s learning support requirements
Information about a learner’s; physical or mental health, sexual life, political views, religious beliefs, trade union membership, ethnicity or race is sensitive and can only be collected and processed with the learner’s consent and for a valid reason (e.g. recording information about dietary needs for religious or health reasons prior to taking a field trip, recording information that a learner is pregnant, as part of pastoral duties)
All employees have a duty to make sure that they comply with data protection principles. In particular employees must ensure that records are:
- Fair, factual
- kept, and disposed of, safely and in accordance with company policy.
Employees must not disclose personal data to any learner, unless for normal academic or pastoral purposes, without authorisation or agreement from the Training Academy Manager.
Employees shall not disclose personal data to any other staff member except with the authorisation or agreement of the Training Academy Manager.
Pages / Sections
1 October 2015
First issue of policy