Data Protection

Data Protection Statement

The primary principle of our Records management practice is that the person/family has access to their information in the first instance by right.

Western Care Association supports the right of an individual and the family of a minor to see what information is held about him or her within the organisation as defined in the Data Protection Act. As a matter of policy and good practice and in line with legislation, all information about a person or family should be shared with them in the first instance unless there is a clear reason not to do so.   If it emerges that sensitive information or exempted information is contacted in the files, the person/ family will be advised and supported to apply through the Freedom of Information routine.

The Data Protection Acts 1988 & 2003 provide similar rights of access as the FOI Acts, the main difference being that the DP Acts do not apply to records of deceased persons. As with the FOI Acts, these rights extend to your own personal records and in specific circumstances, to those of your children. There are exemptions provided for in the Acts, this means that there are specific circumstances when the requested information will not be released. If any of these exemptions are used to withhold information, the reasons will be clearly explained to you.

Data Protection is the safeguarding of the privacy rights of individuals in relation to the processing of personal data.  You supply information about your family member or yourself to Western Care Association in order to avail of services or satisfy obligations.  For the purpose of Data Protection, such organisations or individuals who control the contents and use of personal data are known as Data Controllers.

Western Care Association, as a Data Controller must adhere to the eight rules of Data Protection.  The eight rules, which apply whether the information is held on computer or in a manual form are:

  • Obtain and process information fairly
  • Keep it only for one or more specified, explicit and lawful purposes
  • Use and disclose it only in ways compatible with these purposes
  • Keep it safe and secure
  • Keep it accurate, complete and up-to-date
  • Ensure that it is adequate, relevant and not excessive
  • Retain it for no longer than is necessary for the purpose or purpose
  • Give a copy of his/her personal data to that individual on request

You must apply in writing and simply refer to the Data Protection Act.

When to use the Data Protection Acts:

You may use either the Freedom of Information Acts or the Data Protection Acts to access personal information held by public bodies. However, the Data Protection Acts apply only to your own personal information (or in certain circumstances that of your child).  Also, the Data Protection Acts apply to all holders of personal information, not just public bodies.

Entitlements under the DP Acts:

  • A decision will, in normal circumstances, be issued within 40 days of receipt of your request
  • Details of your entitlement to complain to the Data Protection Commissioner will be included in the decision letter

Making a Request to Access Information under the Data Protection Act

To make an access request under the Data Protection Acts 1988 & 2003, please submit your request in writing to your local Data Protection Officer , ensuring that you describe the records you seek in the greatest detail possible to enable us to identify the relevant records.