The Data Protection Act 2018 came into force on 23 May 2018 (it
replaced the Data Protection Act 1998) and is the UK’s
implementation of the General Data Protection Regulation (GDPR)
which came into force on 25 May 2018. The Data Protection Act
2018 (DPA 2018) provides a legal framework for all data
protection in the UK and has introduced new requirements for how
organisations process personal data, as well as expanding the
rights of individuals to control how their personal information
is collected and processed.
Fostering services across the UK must comply with this
legislation, in order to be more accountable for data protection
and consider issues of data compliance. This brief guidance
outlines some key issues when considering data protection
legislation for everyone involved in fostering.
Data protection legislation controls how your personal
information is used by organisations, businesses or the
government. Fostering services have access to a variety of
personal data including sensitive personal data when working
with fostering applicants, foster carers, children and young
people, birth families, social care staff workforce, fostering
panel members and so on.
Everyone responsible for accessing and using data
within the fostering system (dependant on your role and
responsibilities) has to follow strict rules called ‘data
protection principles’.
The main concepts and principles under the UK Data Protection Act 2018 has incorporated the new elements and important enhancements from GDPR , so therefore public authorities and fostering services will
need to consider some new areas as well as doing some things
differently.
Both the DPA 2018 and GDPR refer to sensitive personal data as
“special categories of personal data” and says this is more
sensitive and so needs more protection i.e. racial or ethnic
origin, health, political opinions, religious or philosophical
beliefs, or trade union membership, genetics, biometrics (where
used for ID purposes) and data concerning a person’s sex life or
sexual orientation. See DPA 2018 Schedule 1.
The following principles should apply in terms of data protection:
Florence Chiwetu is the Data Protection officer and can be contacted using the details below
Tel: +44 7958 482516