Project/Process Title

Development of Care and Support Hubs

Directorate / Service Area

Health and Adult Services

Overview of Project/Process

A strategic business case has been undertaken to consider the options to address the escalating pressures on Health and Adult Services (HAS) budgets, one of the main drivers being the requirement to purchase increasing levels of high-cost specialist older people’s residential care in the independent care sector, due to a growing demand for the provision of dementia services and intermediate care.

A proposal is put forward for a key market management intervention through the replacement of the Council’s in-house older people’s residential care services, currently known as Elderly Person’s Homes (EPHs), with five new-build Care & Support Hubs strategically located across the county. 

Screening Questions

Yes

No

Justification for Answer

Will your project/app/system involve processing of information about individuals which includes special category or criminal conviction data? Please note this does include ‘anonymous’ data within these categories if unique identifiers such as initials or reference numbers are also processed.

If you are processing any of the below types of personal data your answer should be YES:

·         Racial or ethnic origin

·         Political opinions

·         Religious or philosophical beliefs

·         Trade union membership

·         Genetic data

·         Biometric data

·         Data concerning health

·         Data concerning a person’s sex life

·         Data concerning a person’s sexual orientation

·         Criminal conviction data

☐

☒

No individual processing of information will be included in this project.

Will you be collecting new personal information about individuals, or information which, if breached could have a significant impact on an individual?

Examples where the answer would be YES:

·         This a new system/process processing personal data that has not been previously collected

·         This is an existing system/process processing personal data but additional data must be collected due to a change in scope of the system/process

·         Data which has routinely been collected is being collected in a new way, this data is very sensitive and would cause distress to the data subject if it was breached

☐

☒

This programme of work would see the replacement of the Council’s in-house older people’s residential care services;  currently known as Elderly Person’s Homes (EPHs) with five new-build Care & Support Hubs strategically located across the county. 

Will information about individuals be disclosed or shared with organisations or people who have not previously had routine access to the information?

Example of where the answer would be YES:

·         There is a requirement to share information with an external 3rd party who has not previously had access to the data. This would also result in the need for a Data Sharing Agreement (DSA).

☐

☒

No personal information will be shared with organisations or people who have not previously had routine access to information.

Are you going to use information you already hold about individuals for a purpose it is not currently used for?

Example of where the answer would be YES:

Matching information from different systems/data sources, where purpose/lawful basis of original data collection may differ

Details of the Information Asset in question will be contained within NYC’s Information Asset Register (IAR) and the purpose for processing, along with the legal basis for processing will be recorded. The way information will be used in this new system/process must match the existing purpose/legal basis, otherwise a DPIA is required

☐

☒

This programme involves re-shaping of services and will not manage or process any personal data.

Does the project involve using technology which might be perceived as privacy intrusive or monitoring any publicly accessible areas? For example, CCTV, facial recognition, use of biometrics* such as thumb prints, Vehicle number plate recognition or location tracking.

☐

☒

Does any phase of project/system/ app use automated decision making based on information provided by the individual or received from a 3^rd party? Automated individual decision-making is a decision made by automated means without any human involvement (e.g. online credit checks).

Example of where the answer would be YES:

·         A new piece of software is being implemented which checks an applicant’s geographical location, age and household income and automatically offers a free service to eligible applicants when certain conditions are met

☐

☒

Will the project include marketing or contacting individuals which may be considered intrusive?

By phone, by email or by post, where they have not be informed/are not expecting that this contact will take place.

Example of where the answer would be YES:

·         I have access to a list of email addresses which were collected for the purpose of setting people up as users of their local library. I’d like to send them a notice about a new transport services available that operate near the library.

☐

☒

Will the project include data matching from different sources or profiling? Combining, comparing or matching personal data obtained from multiple sources.

Example of where the answer would be YES:

·         Matching data from two/three different children’s systems to understand which children may be eligible to join a new learning programme.

☐

☒

Will you be conducting large scale processing, this includes numbers, duration and geographical spread?

Example of where the answer would be YES:

·         Processing data related to all/most children who reside in North Yorkshire

·         Tracking all/most individuals using public transport systems in North Yorkshire

☐

☒

Date of Assessment

12/12/24

Project Sponsor Name

Rachel Bowes

Project Sponsor Signature