Consultation privacy notice
Updated 21 June 2022
Applies to England and Wales
Summary
The Mental Capacity Act 2005 (MCA) is designed to protect and empower people who may currently lack the mental capacity to make their own decisions about their care and treatment. It also allows people who have capacity to make preparations for a time when they may lack capacity in the future. The MCA applies in England and Wales.
The Liberty Protection Safeguards (LPS) were introduced in the Mental Capacity (Amendment) Act 2019 (MC(A)A) and will replace the Deprivation of Liberty Safeguards (DoLS) system. The LPS will provide protection for people aged 16 and above who are or who need to be deprived of their liberty in order to enable their care or treatment and lack the mental capacity to consent to these arrangements.
People who might have an LPS authorisation include those with dementia, autism and learning disabilities who lack the relevant capacity.
The LPS will deliver improved outcomes for people who are or who need to be deprived of their liberty. The LPS have been designed to put the rights and wishes of those people at the centre of all decision-making on deprivation of liberty.
We will be publishing an MCA Code of Practice before it is laid in Parliament, so we can consult on it in draft form. We will also consult on:
- 6 sets of LPS regulations
- a training strategy for workers who will have to implement the LPS
- an impact assessment the data that Responsible Bodies will have to collect
As part of this consultation, we will be collecting responses which will contain data that we need to keep safe.
We will not, however, be processing ‘personal data’ under the General Data Protection Regulation (GDPR) – we include this privacy notice simply for transparency regarding how we will treat any responses to this consultation.
Data controller
The Department of Health and Social Care (DHSC) is the data controller for data disclosed through our online form (hosted by SurveyOptic) for collecting consultation responses. The Data Protection Officer can be contacted at data_protection@dhsc.gov.uk.
What data we collect
At the beginning of the survey, we will provide an opportunity for you to provide information concerning your age, ethnicity, religion, gender, which country of the UK you live in, whether you are a parent or guardian, and whether or not you consider yourself to have lived experience of the MCA. You can tick ‘prefer not to say’ for any of these categories if you do not want to provide this information. This data is not personal data as it does not relate to an identified or identifiable natural person. We are only collecting this data for the analysis of trends.
We will also be asking open questions with free text answer boxes. Some people, particularly if they may have experience of the MCA, may choose to disclose personal information in these boxes. For example, they might give their age as context for a response. If anyone includes information that could identify them personally in their answers, such as their name, we will disregard the response. This means that we will not process any personal data as part of the consultation.
How we use your data
Your data is being collected as an essential part of the consultation process to help us understand how this policy will impact people in practice, so we can make any necessary improvements ahead of the publication of the Code of Practice and the implementation of the LPS. We will not collect any information that could identify you as an individual.
Recipients of data
All representations submitted in response to this consultation will be shared between DHSC and the Ministry of Justice (MoJ) as this is a joint consultation between those departments. Specific representations may also be shared with other central government departments and their agencies, such as the Department for Education (DfE), where it is necessary to draw on their expertise. Neither DHSC, MoJ nor DfE will use the data to identify any individuals who have responded to the consultation. Any personal data accidentally disclosed will be disregarded.
How we will collect and store your data securely
We are using a third party system, SurveyOptic, to collect consultation responses. SurveyOptic software enables organisations to set up and operate democratic exercises, through which they will engage with you.
When you access and use SurveyOptic, your information submitted to the survey will go to the data controller for the consultation. DHSC and MoJ are the organisations running this site and operating as a data processors.
SurveyOptic’s role is to process this data on behalf of the controller. Processing means, among other things:
- making sure this website runs properly
- that your data is securely stored and is available to the controller so that they can do their work effectively
SurveyOptic’s primary purpose is in making software platforms that help you to have your say. To do this we need to make sure that when you do, your data is safe, secure, and can be worked with effectively. SurveyOptic will not access your personal data unless requested to do so by the controller, and only for the purposes of helping them or you.
In the first instance your data will be stored on their secure UK-based servers. Your data will remain on the SurveyOptic servers and/or be transferred to our secure government IT system for 2 years of retention from the closure of the consultation before it is securely erased.
International data transfers and storage locations
We handle your data in accordance with appropriate procedures and technologies to maintain and protect its security, availability, confidentiality and integrity, and prevent its unlawful or unauthorised processing, accidental loss or damage, from its collection until its destruction.
Your data will not be sent overseas.
Storage of data by SurveyOptic is provided via secure servers located in the UK.
Retention and disposal policy
Your data will be held for 2 years from the closure of the consultation.
Automated decision making or profiling
Your data will not be used for any automated decision making.
Comments or complaints
Anyone unhappy or wishing to complain about how data is used as part of this programme, should contact data_protection@dhsc.gov.uk in the first instance or write to:
Data Protection Officer
1st Floor North
39 Victoria Street
London
SW1H 0EU
Anyone who is still not satisfied can complain to the Information Commissioners Office. Their postal address is:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Changes to this policy
This privacy notice is kept under regular review, and new versions will be available on our privacy notice page on our website. This privacy notice was last updated in March 2022.