How we use personal data for employment purposes
Purposes for processing
We process your personal data mainly because the processing is necessary for the purposes of the contract of employment we have with you. In some cases, we may process information only once we have received your consent to do so. In other cases, we will process data in order to comply with legal requirements, whether contractual or non-contractual. The reasons for which we may process your personal data may include (but are not limited to):
- Staff administration (including payroll)
- Pensions administration
- Workforce planning, and provision of facilities such as estates, car parking and IT
- Equal opportunities monitoring
- Staff health and wellbeing, safety and security, e.g. CCTV and staff identity badges
- Provision of management information
- Surveying of staff to support organisational initiatives
- Business management and planning
- Accounting and Auditing
- Accounts and records
- Crime prevention, detection of fraud and prosecution of offenders
- Education
- Management of organisational change
- Supporting emergency preparedness and business continuity
- Health administration and services
- Compliance with obligations, e.g. returns to Cabinet Office/Government departments
- Board member ‘fit and proper person test’ (FPPT) data capture.
Categories of personal data
To carry out our activities and obligations as an employer/engaging body we may process the following data:
- Contact details such as names, addresses, telephone numbers
- Emergency contact(s)
- Education and training, incl. development reviews (appraisals)
- Employment/identity records (including professional membership, qualifications, references and proof of identity and eligibility to work in the UK)
- Bank details
- Pay, benefits and Pension details (incl. National Insurance number)
- Information around travel and subsistence; expenses
- For staff driving a vehicle for work purposes: vehicle details, details of driving licence and vehicle insurance, tax, MOT etc.
- Personal demographics (including protected characteristics such as gender, race, ethnicity, sexual orientation, religion, date of birth, marital status, nationality)
- Medical information including mental and physical health
- Information relating to health and safety
- Trade union membership
- Offences (including alleged offences), criminal proceedings, outcomes and sentences
- Employment Tribunal applications, Employee Relations cases, complaints, accidents, and incident details
- Employment details (position details, salary, full time equivalent (FTE) etc., status in relation to organisational change)
- Support provided under employee assistance programmes.
Please note this list is not exhaustive and may change over time.
Information sharing and recipients
There are a number of reasons why we may have to share your personal information with third parties.
There may be circumstances where information is shared without your consent, for example:
- The disclosure is necessary for a statutory function of NHS England or the third party to whom the information is being disclosed
- There is a statutory obligation to share the data; for example, making returns to the Cabinet Office, Department of Health, Office of National Statistics etc.
- Disclosure is required for the performance of a contract
- Disclosure is necessary to protect your vital interest; for example in medical emergency situations
- Disclosure is made to assist with prevention or detection of crime, or the apprehension or prosecution of offenders
- Disclosure is required by a Court Order
- Disclosure is necessary to assist NHS England to obtain legal advice.
We may need to share your information with the following organisations/categories of organisations (further detail below):
- Other employers – to obtain pre-employment references or to enable you to undertake a secondment or corporately sponsored volunteer role
- Disclosure and Barring Service (DBS) – obtain employment background checks and necessary criminal record checks
- Occupational health provider – information about your health and attendance to enable them to provide advice and guidance to HR and your manager.
- Payroll and pensions providers – to process your pay and pension
- Employee benefits providers – to allow them to support you with the employee benefits services you wish to take up
- ICT providers – to grant you access to ICT systems necessary to perform your role
- Training and development providers – to enable you to undertake approved learning and development activities
- Survey providers – to collect views from our staff and report on staff engagement within the organisation
- Publications – NHS England publishes information about certain staff, including their name and job titles.
Specific information about recipients of personal data and the data shared can be found below.
Department of Health and Social Care (DHSC)
NHS England will share with DHSC data relating to its organisational structure, namely: names of senior individuals (salary band 9 and above), individual job titles, grade, directorate and sub-directorate.
The purpose of this is for:
- Understanding the numbers of staff working in different areas and assurance that resources are being prioritised in line with ministerial priorities
- Understanding the make-up of staffing in order to help shift resources flexibly and quickly when major events or new priorities emerge (e.g. Covid, Brexit)
- Analysing where there are teams undertaking similar functions across different parts of the system (DHSC and individual ALBs) with a view to identifying opportunities for efficiencies.
The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controllers.
The personal data to be shared under this agreement will assist the Secretary of State in the discharge of their duties relating to the promotion and provision of the health service in England (including public health functions), as outlined in Part 1 of the NHS Act 2006 (as amended by the Health and Social Care Act 2012).
Recruitment, Employee Records and Contracts Administration (NHS Business Services Authority)
NHS England are working to establish integrated Human Resources services, and the components of this joint service will be designed and implemented during 2019/2020. The purposes related to employment for which we currently process personal data jointly are:
- NHS Digital, Health Education England and NHS England merger
- Staff recruitment
- Equal opportunities monitoring
- Line management
Staff recruitment
NHS England has established a joint recruitment service, and is responsible as a controller for the processing of personal data that you provide on your application, and from other sources. We have engaged the NHS Business Services Authority (NHSBSA) to process applications for employment on our behalf.
NHSBSA works with NHS England through each stage of the recruitment process using our end-to-end recruitment system TRAC; this includes pre- and post-interview activities up to confirming the offer of employment and issuing a contract. If you applied for a vacancy using NHS Jobs, your application will be imported into the TRAC recruitment system and all information you receive about your application will be generated by TRAC. You may be invited to create a TRAC account if you are shortlisted, to enable your application to be managed through the system.
We will use information you have provided to verify your identity when we speak to you, and at all stages of the application process.
For successful applicants
Before agreeing a contract, we will use the information you have provided to complete the following pre-employment checks in line with NHS Employers’ guidance:
- Professional registration checks
- Employment history and reference checks
- Disclosure and Barring Service (DBS) check (if required)
- Work health assessment: to check you are fit to work or confirm what reasonable adjustments are required, if applicable
- Confirming Right to Work, identity, and eligibility for the vacancy
- Meeting safeguarding law requirements where this is relevant to the vacancy role
NHS England are also required to monitor the diversity of candidates to ensure we comply with the Equality Act 2010.
Categories of recipients
We share your information with:
- medical professionals, to assess your fitness to work and any reasonable adjustments that you need
- the Disclosure and Barring Service (DBS), if your role requires a DBS check
- with named referees to obtain a reference
- any other organisation who has a legal right to it.
Your information will not be transferred outside the European Economic Area (EEA).
Keeping your personal information
For non-successful applications, personal information in the e-recruitment system will be deleted within 400 days of the advertised application closing date. This information is retained so that we can revisit vacancies and applications in case the vacancy needs re-advertising, or to enable us to respond to any candidate queries.
Successful applications will remain in the system for 400 days, but only information relevant to the employment of successful candidates will be retained within staff employment records. This will be specified in your contract of employment. If you withdraw at offer stage, you will not receive any further information and your details may still be retained for 400 days securely outside of the e-recruitment system.
Equal opportunities monitoring
We have established a joint analytics team that is responsible for analysing data to enable reporting on compliance with equal opportunities requirements by NHS England. This supports workstreams such as the Workforce Race Equality Standard, the public sector Equality Duty and the Gender Pay Gap, which are mandatory for NHS employers.
Record level staff data is required to enable analysis by data items representing any characteristics relevant to equalities monitoring. Personal data including employee number is obtained from the Electronic Staff Record and other sources for example appointments to roles.
The dataset extracted includes employee number, data about role including grade and pay scale, position, type of contract, working hours, also protected characteristics including gender, ethnic origin, disability, marital status, sexual orientation, age band, religious belief.
The employee number is required to enable linkage between datasets.
Access to personal data including employee number is restricted to members of the joint analytics team.
Line management
Managers have access to the Electronic Staff Records of their staff and use this to keep employment details up-to-date and manage the development of their staff, training compliance, annual leave and other absence. Managers use personal data relating to the health of their staff for the following purposes:
- Reimbursement of expenses
- Maintenance of professional registration
- Sickness absence management
- Maternity and adoption
- Occupational Health and accommodating special workplace needs.
Sickness absence management
As an employer, NHS England have legal duties to ensure the health and safety of their employees at work, and that their employees receive their sickness pay allowance entitlement. We must also ensure that we comply with employment rights legislation around sickness absence.
Managers need to know that their staff are fit for work and be aware of adjustments that may be necessary to support staff following a period of sickness. For these purposes they will receive GP fit notes from the staff that they manage. These indicate whether or not an individual is fit for work and may give advice on any support required to accommodate an illness or condition when returning to work.
Managers will also receive return to work forms completed by their staff, and conduct return to work interviews to agree on any adjustments required.
Managers must ensure that the Electronic Staff Record (ESR) for their staff is kept up to date with sickness absence records. This enables us to comply with employment rights legislation when managing sickness absence.
By analysing the data extracted from the ESR we are able to identify and address any inequalities and target health and wellbeing interventions.
Maternity, paternity and adoption
Managers are responsible for ensuring that the rights of their staff are respected when they are to become mothers or fathers.
They will receive completed MATB1 and matching certificates, which confirm details around a pregnancy or adoption. These forms are shared with HR and payroll to ensure communication with the employee about their entitlements and correct payment during periods of leave.
Occupational health and accommodating special workplace needs
Line managers may refer a member of staff, with their consent, for an occupational health assessment.
The NHS England Occupational Health Providers are external providers. Managers will share your contact details and referral with the providers as required.
Managers will receive occupational health reports to inform them of any adjustments that are required.
Workforce Race Equality Standard
The Workforce Race Equality Standard (WRES) was introduced to the NHS in April 2015 to ensure that employees from black and minority ethnic (BME) backgrounds have equal access to career opportunities and receive fair treatment in the workplace.
The WRES is an integral part of the NHS Long Term Plan (LTP) and NHS People Plan, with ambitions for NHS trusts to set aspirational targets for BME representation across their leadership team and broader workforce. ‘A model employer: Increasing black and minority ethnic representation at senior levels across the NHS’ sets out the ambitions for this criterion to be met.
The aspirational targets have been developed by analysts at NHS England and the Department of Health and Social Care; they are based upon a robust and fit for purpose methodology.
To support this NHS England receives aggregate data (numbers) that are collected by NHS Digital from trusts under directions from the Secretary of State for Health and Social Care.
NHS England will work with its seven regional directors and their respective HR directors to share individual organisation targets, for oversight of how trusts in each region are performing against their objectives.
Aspirational target data for NHS trusts will not be published by the WRES team or regional teams, however individual organisations could publish their data if they choose to.
Payroll and Pensions Administration (NHS Payroll Services (NHS PS))
The payroll of NHS England is managed by NHS Payroll Services (NHS PS). Your personal information will be made available to NHS PS through the Electronic Staff Record (ESR) (see below) in order to allow them to pay your salary and any associated expenses, to make appropriate deductions and to comply with our legal and statutory obligations. From time to time we may need to share with NHS PS additional information to that held in ESR, in order to ensure that they deliver the services we require and continue to meet statutory or contractual obligations. Data will also be shared with pensions providers, e.g. NHS Pensions and NEST.
Electronic Staff Record (ESR)
Your personal information may also be used to fulfil other employer responsibilities, for example to maintain appropriate occupational health records, comply with health and safety obligations, carry out any necessary security checks and all other employment related matters. In addition, the information held may be used in order to send you information which is relevant to our relationship with you. Your information will only be disclosed as required by law or to our appointed agents and/or service providers, who may be used for a variety of services, for example processing of payroll and provision of pensions administration or staff surveys.
IBM, who provide ESR, and its partners as service providers will be responsible for maintaining the system. This means that they may occasionally need to access your staff record, but only to ensure that the ESR works correctly. Where this happens, access will be very limited and is only to allow any problems with the computer system to be investigated and fixed as necessary. They will not have the right to use this data for their own purposes and contracts are in place with the Department of Health to ensure that the data is protected and that they only act on appropriate instructions. IBM and the ESR Central Team may access anonymised data about transactions on the ESR system to support the development and optimal use of the system.
Some of your personal information from ESR will be transferred to a separate database, known as the Data Warehouse. This will be used by various Government and other bodies (listed below) to meet their central and strategic reporting requirements. It will allow them to access certain personal information to generate the reports that they need and are entitled to. The Data Warehouse is intended to provide an efficient way of sharing information. Organisations currently granted access to the Data Warehouse are: NHS Digital, NHS Employers, Health Education England and its local committees (LETBs), Deaneries, Department of Health, Welsh Government, NHS Wales Shared Services Partnership, Care Quality Commission, NHS Trust Development Authority, and Monitor. The government may allow further organisations to have access in the future and therefore an exhaustive list cannot be provided; however, any organisation having access to your data will have a legal justification for access.
Occupational health service provider
The NHS England Occupational Health Service is managed by an external provider. Your personal information will need to be shared with the provider as and when required to allow them to provide NHS England employees and managers with the services required.
Expenses system provider
To provide an efficient way for staff to claim expenses, we use hosted third-party software. Staff data is transferred to and from this system from the ESR system to ensure staff are able to claim and be reimbursed for expenses, and so that NHS England can be assured this is within the policy set. The provider meets the ISO27001 information security standard in respect of the security of the data it holds. The provider processes the data to advise accurate amounts for reimbursement. The company may also periodically analyse the data to review trends and suggest improvements to NHS England.
Internal audit
We provide information to our internal audit function, which is provided by an external service provider, to ensure NHS England has good processes and systems to manage and protect public funds.
Survey providers
We may provide limited information to third party survey providers, to collect views from our staff and report on staff engagement within the organisation.
Flexible working
We process personal data that is necessary to enable flexible working applications to be reviewed and progressed. This includes employee name, employee number, pay band, job title and the reason for requesting flexible working. This is received by the People and Organisational Development team who review the application.
Benefits system provider
We aim to provide our staff with employment benefits such as gym opportunities, the cycle to work scheme and other discounts, to support staff personally and professionally whilst in employment with NHS England. NHS England’s benefits system is managed by an external provider, and your personal information will need to be shared with the provider as and when required to allow them to support you with the services you wish to take up.
Other bodies
NHS England is responsible for protecting the public funds it manages. To do this we may use the information we hold about you to detect and prevent crime or fraud. We may also share this information with other bodies that inspect and manage public funds. We may also share your personal information due to:
- Our obligations to comply with current legislation
- Our duty to comply with any Court Order which may be imposed.
Any disclosures of personal data are always made on a case-by-case basis, using the minimum personal data necessary for the specific purpose and circumstances and with the appropriate security controls in place. Information is only shared with those agencies and bodies who have a “need to know” or where you have consented to the disclosure of your personal data to such persons.
We will not routinely disclose any information about you without your express permission. However, there are circumstances where we must or can share information about you owing to a legal/statutory obligation or other legal basis for disclosure.
We may obtain and share personal data with a variety of other bodies, which may include:
- Her Majesty’s Revenue and Customs (HMRC)
- Disclosure and Barring Service
- Home Office
- Child Support Agency
- Internal Audit, service currently provided by Deloitte LLP
- NHS Counter Fraud Authority
- Department of Health
- Central government, government agencies and departments
- Other local authorities and public bodies
- Ombudsman and other regulatory authorities
- Courts/Prisons
- Financial institutions, e.g. banks and building societies, for approved mortgage references
- Credit Reference Agencies
- Utility providers
- Educational, training and academic bodies
- Law enforcement agencies including the Police, the Serious Organised Crime Agency
- Emergency services, e.g. the Fire and Rescue Service
- Auditors, e.g. Audit Commissioner
- Department for Work and Pensions (DWP)
- The Assets Recovery Agency
- Relatives or guardians of an employee where there is a legal duty to do so.
What if the data you hold about me is incorrect?
It is important that the information which we hold about you is up to date. If you believe that the information we hold is incorrect, in the first instance please check if the information can be updated on ESR through the Employee Self Service portal. Guidance is available on our internal intranet (nhsengland.sharepoint.com/TeamCentre/TCO/People/Pages/Workforce.aspx).
If you are unable to make the change in ESR then please let us know by contacting your line manager and/or the Workforce Systems team on [email protected].
Legal basis for processing
For entering into and managing contracts with the individuals concerned, for example our employees, the legal basis is Article 6(1)(b) – ‘processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract’.
Where we have a specific legal obligation that requires the processing of personal data, the legal basis is Article 6(1)(c) – ‘processing is necessary for compliance with a legal obligation to which the controller is subject’.
For other processing of personal data about our employees, our legal basis is Article 6(1)(e) – ‘…exercise of official authority…’.
For the additional processing of personal data about our employees in relation to the FPPT, our processing is for the purposes of our legitimate interests. Further details of the FPPT, and of the significance of the information required, can be found on our website. This processing also helps align NHS England with other NHS bodies captured by the FPPT under Regulation 5 of the Health and Social Care Act 2008 (Regulated Activities) Regulations 2018.
Where we process special categories data for employment purposes the condition is: Article 9(2)(b) – ‘…processing is necessary for the purposes of carrying out the obligations and exercising specific rights of the controller or of the data subject in the field of employment and social security and social protection law…’.
Additionally, under our obligations as an employer and public authority, in relation to the FPPT, special category data is processed under Article 9(2)(g) – ‘processing is necessary for reasons of substantial public interest…’.
For the processing of information about the health of our workforce, the legal basis is Article 9(2)(h) – ‘…processing is necessary for the purposes of preventive or occupational medicine…assessment of the working capacity of the employee…the provision of health or social care…’.