Public Health Privacy Notice
Who we are and what we do
Public Health is part of Gateshead Council. We are based at the Civic Centre, Gateshead. We provide the following services:
- Ill health prevention (including the commissioning of Public Health services, such as smoking prevention, substance misuse, sexual health, health visitor and school nursing programmes etc.)
- health promotion
- health protection
- healthcare public health
- intelligence and surveillance
- Public health knowledge
This privacy notice provides specific information about how we process your personal data. It is an addition to the information contained in our Corporate Privacy Notice.
What type of information is collected about you
- name
- address/postcode
- date of birth/Age
- gender
- carer status
- criminal conviction data
- domestic abuse data
- disability data
- health information
- images and quotes
- mental health status
- NHS number
- telephone number
- racial / ethnic origin
- refugee status
- school / college
- sexual orientation/sex life
How we collect information about you
We access information about residents of Gateshead, including people receiving health and care services within Gateshead, as well as, children and young people who attend school in Gateshead. We access information at a local level from our health partners, such as the Integrated Care Board and NHS providers, and a national level from NHS Digital etc.
Data is received and processed in the following formats:
- person identifiable data - containing personal data that can identify individuals, such as name, date of birth, gender, address, postcode and NHS number
- aggregated data - this is when all anonymised or pseudonymised information has been grouped together, so that it individuals cannot be recognised
- anonymised data - this is information about individuals that has had all identifying details removed
- pseudonymised data - this contains information about individuals but with the identifiable details replaced with a unique code
Why we need your information
Our purpose for collecting personal information is to enable us to:
- evidence the need for public health interventions aimed at improving the health and well-being of the public
- conduct public health surveillance
- manage risks to public health, conduct infection control
- inform the commissioning and delivery of public health services
- target the delivery of health interventions
Our purpose for collecting your personal data is to enable fulfilment of statutory obligations, learning and best practice, service delivery and provision of advice and promotion. The lawful basis for our processing is:
- consent
- performance of a contract to which data subject is party
- legal obligation to which the data controller is subject (Health and Social Care Act 2013, NHS Act 2006, Licensing Act 2003, Local Authorities (Public Health Functions and Entry to Premises by Local Healthwatch Representatives) Regulations 2013, Health Service (Control of Patient Information) Regulations 2002)
- public interest
Our lawful basis for processing of sensitive personal data is:
- employment, social security and social protection (if authorised by law)
- explicit consent
- public health (with a basis in law)
Who your information can be shared with
Our Corporate Privacy notice explains information sharing the Council carries out. This sharing fulfils statutory obligations, legal requirements and service delivery. Public Health can share your information with:
- UK Health Security Agency (UKHSA)
- emergency services
Our lawful basis for this sharing is performance of contract, legal obligation and public interest and your consent is not required.
If we wish to share your information with other council services or third parties for purposes outside of those listed above we will ask your permission.
How long we will keep your information
We keep your information for as long as we need to provide services to you. We may also need to keep your information in accordance with legal or other obligations. Where we have no need to keep your data it will be securely destroyed. We keep a Record of Processing Activity (a requirement under the GDPR). This sets out the specific retention periods applicable in different circumstances. For more information please contact: PHBusinessSupportTeam@gateshead.gov.uk
Where your information is held
Your data is held within systems that are both UK and non-UK based, but where non-UK based, the processors are subject to the standard contractual clauses or appropriate transfer mechanisms for international transfers.
How you can update your information
Our delivery of efficient services depends on the accuracy of your information.
Please inform us of any changes to the following:
- email address
- personal circumstances
- postal address
- any of the other information we hold
Please contact: PHBusinessSupportTeam@gateshead.gov.uk
Your information rights
Please see the relevant section of our Corporate privacy notice.
Marketing and e-newsletters
Please see our email marketing privacy notice.
Business intelligence, profiling and automated-decision making
Please see the relevant section of our Corporate privacy notice.
Protecting your information
Please see the relevant section of our Corporate privacy notice.
Data Protection Officer
Data Protection Officer
Civic Centre
Regent Street
Gateshead
NE8 1HH
0191 433 3000
Information Commissioner's Office
The Information Commissioner is the UK's independent body for upholding information rights. Visit their website to find out more about your rights under Data Protection law, and what to expect from us.
For privacy practices or data protection rights concerns, contact the Information Commissioner's Office:
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
0303 123 1113 or 01625 545 745