Sharing Your Information
In submitting an application BSO ITS will have access to the information. This will be closely managed with only those who are required to see your information in the context of their duties having such access. Typically this will include, the person administering the Recruitment & Selection Process, the panel responsible for the appointments process, the Occupational Health Department, the Human Resources Department and the Equality Unit / Department.
Retaining Information
Information is only retained for as long as necessary, in line with section L of the Department of Health (DoH) Good Management, Good Records (GMGR) as it relates to the area of recruitment.
Security of Information
The HSC is committed to taking all reasonable measures to ensure the security of all personal information it holds. The following arrangements are in place:
- All HSC staff have contractual obligations of confidentiality, enforceable through disciplinary procedures;
- Everyone working for the HSC is subject to the common law duty of confidentiality;
- Staff are granted access to personal information on a need-to-know basis only;
- Each HSC organisation has a Senior Information Risk Owner (SIRO) who is accountable for the management of all information assets and any associated risks and incidents, and a Guardian (PDG) who is responsible for the management of service user information/confidentiality.
- Each HSC organisation has also appointed a Data Protection Officer (DPO), who provides full authoritative advice and recommendations in the field of Data Protection and facilitates compliance with the Accountability requirement of GDPR;
- All HSC staff are required to undertake information governance training every 2 years. The training provided ensures that staff are aware of their information governance responsibilities and follow best practice guidelines to ensure the necessary safeguards and appropriate use of personal information;
- A range of policies and procedures are in place
Individual Rights
Individuals have certain rights under GDPR, namely:
- The right to obtain confirmation that their personal information is being processed, and access to personal information
- The right to have personal information rectified if it is inaccurate or incomplete
- The right to have personal information erased and to prevent processing, in specific circumstances
- The right to ‘block’ or suppress processing of personal information, in specific circumstances
- The right to portability, in specific circumstances
- The right to object to the processing, in specific circumstances
- The rights in relation to automated decision making and profiling
Access To Your Personal information
GDPR gives you the right to access information that the HSC holds about you by submitting a SAR. SARs must be made in writing. You will need to write to the relevant recruitment team and provide:
- adequate information (for example full name, address, date of birth, job reference number) so that your identity can be verified and your information located.
- an indication of what information you are requesting to enable us to locate this in an efficient manner.
The HSC aims to comply with requests for access to personal information as quickly as possible, and normally within a calendar month of receipt unless there is a reason for delay that is justifiable under GDPR. In the case of any delay this will be explained to you within the calendar month along with an anticipated timescale to provide you with the data you have requested.
We want to make sure that your personal information is accurate and up to date. If you think any information is inaccurate or incorrect then please let us know.