- How we use your data
-
Health and safety collects and processes personal data relating to anyone employed by Stoke-on-Trent City Council and external clients, to manage the service we provide.
The health and safety support team may collect and process a range of information about you dependent on the service provided. This includes:- your name, address and contact details, including email address and telephone number, home address, exact location of an incident, witness statements of an incident
- your payroll number (if employed by Stoke-on-Trent City Council)
- your date of birth
- details of your accident or ill health notification
- information about the outcome of accident, incident and near miss investigations
- some details of periods of absence taken by you if an accident or incident resulted in time off work (city council employees only)
- information about medical or health conditions, from the accident or ill health you have suffered
- information about any medical treatment you have received after the incident
We collect this information in a variety of ways such as correspondence from you through application forms, for the request of an eyecare voucher; or to report of an incident, injury or near miss, from forms completed by your manager to report an injury, incident or near miss or to request an eyecare voucher on your behalf.
Where you are not employed by Stoke-on-Trent City Council an officer may send personal information to our team to report an incident, accident or near miss you may have been affected by on your behalf for the health and safety team to investigate further, where deemed necessary.
Your personal data will be stored in a range of different places, including SharePoint, our health and safety management system and health and safety email system, P-drive and possibly in document format.
We need to process your data to comply with health and safety legislation. Under the Health and Safety at Work Act 1974 employers have an absolute duty to care for those in its employment and anyone that may be affected. This enables us to:- comply with the accident-reporting requirements under the reporting of diseases, dangerous occurrence and injury regulations (RIDDOR) for employees of Stoke-on-Trent City council and contractors, members of the public, pupils and visitors
- supply sufficient information to the legal team in the case of potential legal proceedings for employees of Stoke-on-Trent City council and contractors, members of the public, pupils and visitors
- keep accident information for those in Stoke-on-Trent City Council's care services and pupils that have suffered an injury, for the required applicable timeframes
- work with human resources and occupational health to provide the safest environment possible for individuals with additional needs and support the disciplinary procedure
- identify areas for improvement, either on a personal or team basis to ensure legal compliance and best practice is being followed
- obtain information relating to any type of disability you may have, to ensure that we comply with making reasonable adjustments where possible to comply with the Disability Discrimination Act
- provide monthly anonymised reports for senior managers regarding accidents within their areas
- ensure effective general health and safety and business administration
- provide training records on request external businesses who may have purchased training through us and wish to access their records to produce service strategies
- provide adequate and appropriate safe working procedures
- manage your performance
- provide training and development opportunities
Your information may be shared internally, including with members of the HR team, your line manager, managers in the business area in which you work, risk management and Insurance team and IT staff if access to the data is necessary for performance of their roles.
We may share data with our internal audit team to evaluate the effectiveness of the organisation’s risk management, control and governance processes. We may also share your data with the council's fraud team to help to prevent and detect fraud.
Health and safety also shares your personal data with third parties who process data on our behalf, including:- opticians (council employees only)
- the Health and Safety Executive
- ergonomic providers (council employees only)
We take the security of your personal data seriously and follow internal policies and controls which are in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by city council staff in the performance of their duties unless as stated above under ‘third parties’.
Some of the ways we protect your personal data include:
- implementing appropriate technical and organisational measures to protect the confidentiality, integrity and availability of personal data and information
- ongoing continuous review of security
- regular review of information assurance and security policies and procedures
- ongoing training and awareness for staff on information assurance and security
- alignment with codes of conduct, certification schemes and government guidance, including the HMG Security Policy Framework, Government baseline security standards, and the National Cyber Security Centre (NCSC)
- use of the Government supplier assurance framework and crown commercial services frameworks when working with suppliers and third parties
- regular review of security and cyber risks
Where we engage third parties to process personal data on our behalf, they do so under contract and on the basis of written instructions. Third parties are under a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data and comply with data protection legislation.
We will destroy your personal data inline with the council's retention policy.
As a data subject, you have a number of rights. You can:- access and obtain a copy of your data on request
- ask us to change incorrect or incomplete data
- ask us to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing
- object to the processing of your data (in certain circumstances)
If you are an employee of Stoke-on-Trent City Council you have some obligations under your employment contract to provide the city council and more specifically health and safety with data.
Failing to provide the data may mean failure to exercise your statutory rights. You may also be in breach of your responsibilities in relation to the employee code of conduct. If you are a member of the public we cannot exercise your statutory rights.
- Who to contact if you have questions
-
Email health and safety manager Becky Cammillare
If you wish access your personal data, this should be requested through the Information Rights Team, which handles subject access requests made by current and past employees.
If you believe we have not complied with your data protection rights, contact the city council’s data protection officer in the first instance. You can also complain directly to the Information Commissioner's Office (ICO).
Information Commissioner's Office website