Review of the NHS Complaints Procedure: Health Inequalities Impact Assessment
The final report of the Health Inequalities Impact Assessment of the changes proposed to the NHS complaints procedure.
Annex A: Privacy and related risk analysis
Initial screening questions
| Question |
Answer |
|---|---|
| Will the project involve the collection of new information about individuals? |
No |
| Will the project compel individuals to provide information about themselves? Will information about individuals be disclosed to organisations or people who have not previously had routine access to the information? |
No No |
| Are you using information about individuals for a purpose it is not currently used for, or in a way it is not currently used? |
No |
| Does the project involve you using new technology that might be perceived as being privacy intrusive? For example, the use of biometrics or facial recognition. |
No |
| Will the project result in you making decisions or taking action against individuals in ways that can have a significant impact on them? |
Yes |
| Is the information about individuals of a kind particularly likely to raise privacy concerns or expectations? For example, health records, criminal records or other information that people would consider to be private. |
Yes |
| Will the project require you to contact individuals in ways that they may find intrusive? |
No |
Analysis
| Questions to identify Privacy Issues |
Risk |
Impact |
Likelihood |
|---|---|---|---|
| 1. Technology |
|||
| (1) Does the proposal include the use of new or additional technologies with the potential for privacy intrusion? |
The proposal builds upon existing collection methods and technologies currently in operational use. |
Low |
Low |
| 2. & 3. Identity |
|||
| (2) Identity: Does the proposal include new identifiers, or substantially change or re-use existing, identifiers or any intrusive or onerous identification, authentication or identity management processes? |
The proposal builds upon existing identity methods and technologies currently in operational use. |
Low |
Low |
| (3) Identity: Does the proposal affect anonymity or pseudonymity; will previously anonymous or pseudonymous transactions be identified? |
The proposal builds upon existing operational processes. |
Low |
Low |
| 4. Justification |
|||
| (4) Is the justification for the proposal either unpublished or unclear? |
No. A full revised process and procedure will be published, including in accessible formats. |
Low |
Low |
| 4a) Does the proposal involve new or changed data collection policies or practices that may be unclear or intrusive? |
Yes. The revision of the procedure involves a greater emphasis on frontline early resolution, so in initial implementation the revised processes may be unclear, both to practitioners and to those making the complaint. Mitigation – detailed practitioner training will be developed, as will clear and accessible awareness raising materials. |
Medium |
Medium |
| 4b) Does the proposal involve new or changed quality assurance or security processes or standards that may be unclear and/or unsatisfactory? |
The proposal builds upon existing operational processes. |
Low |
Low |
| 4c) Does the proposal involve new or changed data access or disclosure arrangements that may be unclear or permissive? |
The proposal builds upon existing operational processes. |
Low |
Low |
| 4d) Does the proposal involve new or changed data retention processes that may be unclear or extensive? |
The proposal builds upon existing operational processes. |
Low |
Low |
| 4e) Does the proposal involve a new or changed medium or method of disclosure for publicly available information so data is more readily accessible? |
The proposal builds upon existing operational processes. |
Low |
Low |
| 5. Multiple organisations |
|||
| (5) Will the proposal involve multiple organisations, either government agencies (e.g. 'joined-up government' initiatives) or the private sector? |
The proposal builds upon existing operational processes, which involve the centralised reporting of annual complaints statistics. |
Low |
Low |
| 6. & 7. Data |
|||
| (6) Does the proposal involve personal data of particular concern to individuals? |
Yes. Complaints data can be of a highly sensitive nature, but given that the proposal builds upon existing operational processes no new risks are introduced. |
High |
High |
| (7) Does the proposal involve the linkage of personal data with data in other collections, or any significant change to existing data links or holdings? |
No |
Low |
Low |
| 8. 9. & 10. Data handling scope |
|||
| (8) Will the proposal handle a significant amount of data about each person, or significantly change existing data-holdings? |
The proposal builds upon existing operational processes. |
Low |
Low |
| (9) Will the proposal handle data about a significant number of people, or change significantly the existing population scope or coverage? |
The proposal builds upon existing operational processes. |
Low |
Low |
| (10) Does the proposal consolidate, inter-link, cross-reference or match personal data from multiple sources? |
No. |
Low |
Low |
| 11.12. & 13 Exemptions & exceptions |
|||
| (11) Is the proposal to process any data that is exempt from legislative privacy protections? |
No |
Low |
Low |
| (12) Does the proposal's justification include significant contributions to public security measures? |
No. |
Low |
Low |
| (13) Does the proposal intend to disclose personal data to, or access by, third parties that are not subject to EU or comparable privacy regulation? |
No. |
Low |
Low |