This policy defines the arrangements that Little Foxes has that assure compliance to the requirements of the Data Protection Act 1998. As relevant to the nursery’s business interest:
- The Data Protection Act 1998 addresses certain requirements for all organisations that collect and process personal data as part of their ongoing business operations. Personal data is defined by: any information relating to an ‘identifiable living individual’ and will therefore apply to the nursery’s families attending, employers and suppliers.
- The Data Protection Act 1998 applies to any data recorded in a filing system that allows personal data to be easily accessed.
- The Data Protection Act 1998 applies to records kept in a hard copy format and in computer files.
Who is responsible?
It is the responsibility of all members of staff to ensure that personal information about children, parents and carers and colleagues is not shared with individuals outside the setting. The Nursery Manager has overall responsibility to ensure that all personal information is kept safe and secure and in compliance with the Data Protection Act 1998 and where relevant the Freedom of Information Act 2000.
Individual staff members can be personally liable in law under the terms of the Data Protection Act 1998. They may also be subject to claims for damages from persons who believe that they have been harmed as a result of inaccuracy, unauthorised use or disclosure of their data. A deliberate breach of this Data Protection Policy will be treated as a disciplinary matter, and serious breaches could lead to dismissal.
B. Principles of Data Protection.
- Little Foxes is committed to the enforcement of the following code of good practice in relation to the data it keeps on the children and its employees. In summary, data will:
· Be fairly and legal processed
· Be relevant to the needs of the nursery setting
· Not be unnecessarily excessive in detail
· Be accurately maintained
· Not be kept longer than necessary or required by law
· Only be used in accordance with the individual’s subjects rights
· Be securely stored
- The following policies are also relevant:
· DBS Enhanced disclosure check
C. Policy details:
- The nursery will require written consent from each individual’s child’s parent/carer/guardian in order for personal data to be collected and processed. In this respect it will be taken that consent is implied through the following:
· Clients – by the parents/carer who signs the registration forms and appropriate consent forms as a ‘contract for nursery care’ for their child/children’s
· Employees – by completing the job application form at onset of employment and where the employee has not registered an objection to their data being used.
- All individuals, parents, carers, employees have the right of access to manual and computerised records when concerning their personal data, they also have the right to request changes to be made to personal information held about them if the data is not accurately up to date.
- Where it is deemed necessary to divulge information to a third party this will only be done with the express permission of the individual subject.
- Personal data and records will be maintained under appropriate conditions of security to prevent and unauthorised or accidental disclosure. Records can be hard copy (paper) format and computer files.
All parents should note that in the event of a safeguarding issue/concern then information about their child/children may be shared with relevant professionals without consent of their parents/carers.
Little Foxes is registered with the Information Commissioner’s Office’s (ICO). Our Registration Reference Number is: ZA232135.