Healthwatch Islington takes Data Protection seriously and is committed to safeguarding the privacy of our staff, volunteers, community members and beneficiaries. We will be guided by a principle of ‘my data, my choice’.

We recognise the huge reputational risk of not securing the privacy of an individual’s data.

Healthwatch Islington will be collecting data from a variety of sources, including personal and sensitive data on individuals within the local community. All data will be treated in a way that complies with the Data Protection Act 1998 and the General Data Protection Regulations with effect from May 2018.

Safeguarding Children and Vulnerable Adults

Data on individuals will not be shared unless Healthwatch Islington has concerns that a child or an adult who lacks capacity may be at risk or that a person may be a risk to others. In this situation, please refer to the Safeguarding Policy or speak to the Chief Executive.

Responsibility for Data Protection

The Regulations suggest that a Data Protection Officer (DPO) be employed to ensure that data ‘Controllers’ and ‘Processors’ comply with data protection law and avoid the risks that organisations face when processing personal data.

This person is the data protection expert within the organisation and forms the link with both the public and the organisation’s employees in relation to the processing of personal information held. They also act as the person that data protection queries are directed to. With LBI being the Data Controller, the Chief Executive will act as the Data Protection Officer.

The Chief Executive will be expected to report on Data Protection at each Board meeting in her Update paper to give assurance that best practice is followed and that any breaches have been reported.

Anonymised data

The General Data Protection Regulations are concerned with personal, identifiable data. Much of the data held by Healthwatch Islington will be anonymised. Where possible we will seek to remove all identifiers from data held to reduce the risk of a breach.

Personal identifiable data

This is data that identifies an individual, it includes name, Date of Birth, Address. We will obtain consent to hold this information. This will be most relevant to the signposting service.

Pseudonymised data

Processing of data in such a way that it can no longer be attributed to a specific data subject. The processing can be reversed. However, Healthwatch Islington does not plan to use pseudonymised data.

Key Principles to protecting data privacy

Healthwatch Islington recognises that we must:

  • have legitimate grounds for collecting and using personal data
  • not use the data in ways that have unjustified adverse effects on the individuals concerned
  • be transparent about how we intend to use your data, and to give you appropriate privacy notices when collecting personal data
  • handle people’s personal data only in ways they would reasonably expect
  • maintain accurate records and only record is necessary for a limited time (as set up by the requirements of our various contractors)
  • make sure we do not do anything unlawful with the data.

Staff and volunteers commit to treating data with the same care and attention as we would expect our own data to be treated.

Lawful basis for processing data

Unless an exemption applies Healthwatch Islington will need one of the following reasons for processing data:

  1. Consent (we will generally use this)
  2. Necessary for contract (this means a contract that an individual has entered in to with us, which means that money needs to have changed hands),
  3. Legal obligation that applies to Healthwatch Islington (for example, HR – staff have to give National Insurance Number and proof of permission to work in the UK), this does not however, include any obligations set out in a contract)
  4. Vital interests (this applies to life and death situations for example disclosing medical history when patient unconscious in A&E, unlikely to apply to Healthwatch Islington’s work)
  5. Lawful authority, in the public interest not expecting this to be applicable as it applies to administering justice of government functions) though signed up to info sharing re crime and safeguarding)
  6. Legitimate Interest. This is unlikely to apply to Healthwatch Islington, guidance from the Information Commissioners Office gave examples of where debt collection companies could share data to retrieve debts.

Data Protection by Design and Data Protection Impact Assessments

For each new Healthwatch Islington project we will carry out a Data Protection Impact Assessment. This will form part of the project planning and overall risk assessment.

We will consider:

  • What data we need to collect
  • What ‘sensitive’ or ‘personal’ data is included
  • How we will store this data securely and anonymously

Recording decisions

Decisions regarding holding of data for a ‘legitimate interest’ or new project will be reported to the Board at a Board meeting and minuted.


Consent must be:

  1. Unambiguous
  2. Freely given
  3. Demonstrable
  4. Specific
  5. Informed

We will be clear about safeguarding protocols when obtaining consent so that participants are aware that comments that give cause for a safeguarding concern would be shared with other parties.

The Healthwatch England database enables us to record consent and when it needs to be renewed. The Volunteer and Projects Manager will be responsible for renewing consent.

We will ensure that data held is correct and up-to-date.

An individual’s contact details being available in the public domain does not constitute consent for us to use those details.

Subject Access Requests

Healthwatch Islington will ensure that all reasonable requests, by those on whom we hold data, are responded to within one month. Data will be redacted as appropriate so as to ensure the protection of any data relating to anyone than the person requesting their own data.

Data breaches

All data breaches and near misses must be reported to the Board of trustees (via the Chief Executive) for reporting to the Information Commissioner and Charity Commission along with an action plan to notify those affected and reduce the risk of a repeat.

Retention of data (and right to be forgotten)

  • We will hold HR data for up to seven years (six years from the date of leaving employment), except information relating to unsuccessful candidates which will be held for two years, and up to ten years where an allegation has been made against a staff member
  • We will hold data on volunteers for up to seven years, in-line with staff HR data
  • We will hold details of expenses payments for up to seven years
  • We will signposting data for up to seven years,

If you ask to be deleted from our records we will delete you from our contacts database, we will hold your emails and correspondence for six months before deletion (in case of any ensuing complaint made).

You can be deleted from the records by contacting a member of the staff team, who will arrange this.


Healthwatch Islington will not carry out profiling (using data held on individuals to appeal for funds)

International protection

In sub-contracting, we will use EU-based companies, or where companies sit outside the EU we will ensure they subscribe to the EU GDPR compliance principles.

Memory sticks

We use a cloud-based system for document sharing. As such there is a limited need for storing and transporting personal data on a memory stick. Should the need arise, then we will ensure that memory sticks containing any non-anonymised personal are stored safely when travelling and that the contents be removed as soon as possible after use, being stored in the safe if necessary.

Temporary storage on personal devices (including personal computers, mobiles and tablets)

  • Files containing personal or identifiable data should not be downloaded to staff, volunteer or trustee personal computers.
  • Emails and other downloaded documents that include information including email address should be deleted from any temporary storage on personal devices.

E-mail communications

  • We will limit the amount of personal data gathered. We will only gather what is necessary for our work or stipulated by funders.
  • Personal contact details will be stored securely and not shared with other stakeholders, trustees or volunteers without informed consent of the data owner.
  • Group emails will be blind copied unless those in the group given informed consent for their email addresses to be shared with the others listed in the group.
  • When forwarding emails staff and volunteers must remove private email addresses of original sender(s) unless the sender(s) has given informed consent to share.

What is a private email address?

All volunteer, trustee and member email addresses should be considered private if they are contacting us as an individual.

When someone is contacting us on behalf of an organisation we can generally consider this is not covered by the General Data Protection Regulations. However, as some of our smaller partner organisations may use private email addresses for their work correspondence this may need to be considered on a case-by-case basis. If in doubt, check with the Chief Executive or the person concerned.

All e-mail correspondence will be BCCd unless otherwise stated.

Reports and recommendations

From the research and evidence gathering carried out by Healthwatch Islington, reports of findings will be produced. These reports will be shared with the relevant providers, commissioners, the regulator, Healthwatch England and the public. Reports will maintain the confidentiality of respondents and not identify research participants implicitly or explicitly, though they may name service providers.


Healthwatch Islington’s e-update in an electronic format is available to all interested parties; the public (not constrained to Islington residents), local voluntary organisations, councillors, NHS staff, council officers, HWE and other local Healthwatch.

The newsletter is available in hard copy upon request for community members.

The quarterly newsletter will be sent out to all community members. Where possible it will be sent electronically to minimise costs. It will be sent in hard copy to those community members without access to the internet and to local libraries, health centres, social care centres, dentists and children’s centres.


Healthwatch Islington will use signage at events to let people know when photographs are being taken. Attendees will be asked to let the photographer know if they do not wish to be photographed.

If children are included we will ask for written consent from their parents.

Other information

Healthwatch Islington will do what it can to share information which is in the public domain with Healthwatch England and other Local Healthwatch where appropriate.