Employees
Data processing purposes
- Employment purposes
- To register ‘reportable incidents’ on hospital premises
- Foundation Trust membership
- Prevention and detection of crime and fraud - We may use the information we hold about you to detect and prevent crime or fraud. We will also share this information with other bodies that inspect and manage public funds. We will not routinely disclose any information about you without your express permission. However, there are circumstances where we must or can share information about you owing to a legal/statutory obligation.
- crime prevention, safeguarding and prosecution of offenders
- sharing and matching of personal information for national fraud initiative
Information collected
- For Employment records - see the specific privacy notice available to hospital staff on our intranet
- Non-employment
- Basic details such as your name, address, date of birth, phone number, mobile phone number; email address
- Personal demographics: gender; ethnic group
- Prevention and detection of crime and fraud – more information is available on our intranet page ‘Anti-Fraud Service – Mersey Internal Audit Agency’
Information may be shared with
- For Employment Records - see the specific privacy notice available to hospital staff on our intranet
- Non-employment
- Health and Safety Executive (HSE)
- Membership information is not shared elsewhere
- Prevention and detection of crime and fraud – more information is available on our intranet page ‘Anti-Fraud Service – Mersey Internal Audit Agency’
Lawful basis
- GDPR Article 6(1)(b): processing is necessary for a contract you have with the individual, or because they have asked you to take specific steps before entering into a contract
- GDPR Article 6(1)(c): processing is necessary for compliance with a legal obligation to which the controller is subject
- GDPR Article 6(1)(e): processing is necessary for you to perform a task in the public interest or for your official functions, and the task or function has a clear basis in law
- GDPR Article 9(2)(b): processing is necessary for the purposes of carrying out the obligations and exercising specific rights of the controller or of the data subject in the field of employment and social security and social protection law