Confidentiality

Employees should only have access to financial information that is relevant to the support provided to the resident.

Financial information should never be shared via any means including but not limited to n the telephone, via email or through social media.

Any loss of financial information should be reported to the HCM/CM, who should then report it to the Governance and Compliance Manager, as per the Security Incident Event Management (SIEM) procedure. The SIEM, is the ‘Security Incident Event Management’ form and is required to be completed if there has been any breach, incident or event leading to the loss or theft of personal data. This form should be sent to the Information Governance Manager and Data Protection Officer (DPO) as soon as a breach of personal data is recognised. This is because to determine if the breach is ICO reportable and an investigation findings report is required to be submitted to the ICO within 72 hours of the DPO being notified of the breach. Any technical data breaches should be alerted to the IT Security Manager or IT Service Desk, to mitigate further loss and risk to the business, who will then alert the DPO, again the SIEM should be completed.

Personal data will be managed and processed in accordance with Housing 21 Data Protection and Information Security Policies and Procedures.