9am - 7:30pm Monday-Friday
10am - 4pm Weekends and UK Bank Holidays
LawCare is committed to providing a high quality service to the legal community. We hold the privacy and dignity of those seeking our support in high regard, and we recognise the importance of confidentiality in our interactions with individuals who contact us for help. It is important that anyone contacting LawCare has complete confidence and trust in our services. Our service is confidential and we protect any information that individuals choose to share with us.
Any information that an individual discloses to a member of the Helpline team, (both staff and volunteers) is treated respectfully and sensitively. The Helpline team work closely to ensure that individuals receive the best support we can offer, so sometimes it is necessary to share information within the team. Personal information conveyed to LawCare will not be shared with non-Helpline staff and volunteers or external organisations without explicit and informed consent (other than in the exceptional circumstances listed below). Sometimes in order to help an individual we may need to liaise with external organisations so that we can provide effective support e.g. contacting other support agencies or counsellors. In these circumstances we will ask for permission to share any relevant information.
Exceptional circumstances and limitations to confidentiality
There are rare instances when we are unable to maintain our commitment to confidentiality. These are circumstances where:
In such circumstances we would seek to obtain consent prior to disclosure of any personal information, but if the risk of non-disclosure is judged by the helpline team, the CEO and the Chair to be sufficiently serious, the information will be disclosed without consent.
Individuals may provide information of a personal and sensitive nature about their health, finances, work circumstances or personal difficulties. A record of the discussion will be kept to ensure that the appropriate response is provided, particularly if the individual contacts LawCare again. Notes may record the key points or issues raised, the information given by Helpline staff/volunteers, relevant background information and any follow-up action, as well as contact details if disclosed. Access to this information is limited to staff only on a need-to-know basis.
We keep computer-based records of all the information provided to us. All personal and sensitive data is processed in accordance with the requirements of the Data Protection Act 1998.
We collect routine statistical information about those using our services, which is anonymised and used for reporting and evaluation purposes. This information may be summarised and used in LawCare publications. We take great care to ensure that no individually identifiable information is disclosed.
The period for which records are held before destruction is informed by current data protection legislation and good practice within the helpline sector.
Access to Records
Under the Data Protection Act (1998) individuals have the right to access information held about them. Individuals may request a copy of the personal data held about them by LawCare by emailing firstname.lastname@example.org
LawCare needs to keep certain information on its service users, employees, volunteers and trustees to carry out its day to day operations, to meet its objectives and to comply with legal obligations.
The organisation is committed to ensuring any personal data will be dealt with in line with the Data Protection Act 1998. To comply with the law, personal information will be collected and used fairly, stored safely and not disclosed to any other person unlawfully.
The aim of this policy is to ensure that everyone handling personal data is fully aware of the requirements and acts in accordance with data protection procedures. This document also highlights key data protection procedures within the organisation.
This policy covers employed staff, trustees and volunteers.
In line with the Data Protection Act 1998 principles, LawCare will ensure that personal data will:• Be obtained fairly and lawfully and shall not be processed unless certain conditions are met• Be obtained for a specific and lawful purpose• Be adequate, relevant but not excessive• Be accurate and kept up to date• Not be held longer than necessary• Be processed in accordance with the rights of data subjects• Be subject to appropriate security measures• Not to be transferred outside the European Economic Area (EEA)
The definition of ‘Processing’ is obtaining, using, holding, amending, disclosing, destroying and deleting personal data. This includes some paper based personal data as well as that kept on computer.
The Personal Data Guardianship Code suggests five key principles of good data governance on which best practice is based. LawCare will seek to abide by this code in relation to all the personal data it processes, i.e. • Accountability: those handling personal data follow publicised data principles to help gain public trust and safeguard personal data. • Visibility: Data subjects should have access to the information about themselves that an organisation holds. This includes the right to have incorrect personal data corrected and to know who has had access to this data. • Consent: The collection and use of personal data must be fair and lawful and in accordance with the DPA’s eight data protection principles. Personal data should only be used for the purposes agreed by the data subject. If personal data is to be shared with a third party or used for another purpose, the data subject’s consent should be explicitly obtained.• Access: Everyone should have the right to know the roles and groups of people within an organisation who have access to their personal data and who has used this data. • Stewardship: Those collecting personal data have a duty of care to protect this data throughout the data life span.
Under the Data Protection Guardianship Code, overall responsibility for personal data in a not for profit organisation rests with the governing body. In the case of LawCare this is the Board of Trustees.
The Board of Trustees delegates tasks to the Chief Executive. The Chief Executive is responsible for:• understanding and communicating obligations under the Act• identifying potential problem areas or risks• producing clear and effective procedures• notifying and annually renewing notification to the Information Commissioner, plus notifying of any relevant interim changes
All employed staff, trustees and volunteers who process personal information must ensure they not only understand but also act in line with this policy and the data protection principles.
Breach of this policy will result in disciplinary action for staff, and/or action judged appropriate by the Chief Executive and Board of Trustees for staff and volunteers.
To meet our responsibilities, staff, volunteers and trustees will:• Ensure any personal data is collected in a fair and lawful way;• Explain why it is needed at the start;• Ensure that only the minimum amount of information needed is collected and used;• Ensure the information used is up to date and accurate;• Review the length of time information is held;• Ensure it is kept safely;• Ensure the rights people have in relation to their personal data can be exercised
We will ensure that:• Everyone managing and handling personal information is trained to do so. • Anyone wanting to make enquiries about handling personal information, whether a member of staff, volunteer or service user, knows what to do; • Any disclosure of personal data will be in line with our procedures.• Queries about handling personal information will be dealt with swiftly and politely.
Staff and Volunteers are trained about the Data Protection Act and how it is followed on induction by the Chief Executive (for staff) and during initial training (for volunteers).
Gathering and checking information
Before personal information is collected we will consider whether it is required, and whether the purposes for which it is required are in the caller’s interests.
We will inform people whose information is gathered that we will keep a brief note on LawCare’s secure server, and direct them to the terms of the confidentiality and data protection policies on our website.
We will take measures to ensure that personal information kept is accurate, including reading back phone numbers and checking spelling of unusual names with the caller.
Personal sensitive information will not be used apart from the exact purpose for which permission was given.
LawCare will take steps to ensure that personal data is kept secure at all times against unauthorised or unlawful loss or disclosure. It will do this by keeping data on a secure server only accessible by staff with individual login details and passwords. Personal data may not be printed, downloaded or otherwise removed from the server. Laptops and other devices should not be left logged into the server when not in use, or when in an unsecure or public location.
Any unauthorised disclosure of personal data to a third party by an employee may result in disciplinary proceedings.
Any unauthorised disclosure of personal data to a third party by a volunteer or trustee may result in whatever remedial action is deemed appropriate by the Chief Executive.
Subject Access Requests
Anyone whose personal information we process has the right to know:• What information we hold and process on them• How to gain access to this information• How to keep it up to date• What we are doing to comply with the Act.
They also have the right to prevent processing of their personal data in some circumstances and the right to correct, rectify, block or erase information regarded as wrong.
Individuals have a right under the Act to access certain personal data being kept about them on computer and certain files. Any person wishing to exercise this right should apply in writing to Elizabeth Rimmer, Chief Executive, PO Box 5192, Bath BA1 0UB.
Before access is granted we will require information sufficient to identify without doubt the correct file. We will also require proof of identity of the person making the request.
Queries about handling personal information will be dealt with swiftly and politely.We will aim to comply with requests for access to personal information as soon as possible, but will ensure it is provided within the 40 days required by the Act from receiving the written request.
This policy will be reviewed at intervals of 2 years to ensure it remains up to date and compliant with the law.
GeneralWe will make it our goal to ensure that every helpline caller feels supported and reassured by their call to LawCare.We will work to anticipate the needs of those we serve by proactively working to meet their needs.We will hold ourselves and each other accountable for our service commitment.We will be conscious of our communication style and communicate in a professional manner.
Helpline CallsWe will greet callers in a courteous and professional manner, identifying the service when we answer.We will listen respectfully and actively to callers and assist callers to the best of our ability.Where calls fall outside the remit of the helpline we will explain this clearly and, where possible, direct the caller to another source of support before ending the call.When making a referral to a peer supporter we will obtain the caller’s verbal permission to discuss the substance of their call with the supporter.At the end of a helpline call we will summarise what has been discussed and any action which is to be taken and invite the caller to call the helpline again if necessary.We will finish our encounters with our callers in a courteous and professional way.We will maintain complete confidentiality, taking any and all steps required to protect the information entrusted to us.
VoicemailWe will respond to voicemails within 24 hours during normal business hours.We will update our voicemail greeting, advising callers when we will be out of the office for an extended period of time (full day or more), informing callers of when we will return and who they may contact instead.EmailWe will respond to emails within 24 hours during normal business hours.We will update our email notification message when we will be out of the office for an extended period of time (full day or more). We will indicate our expected return date and indicate a contact person (if applicable).
InternalWe will interact with each other in a courteous and professional manner.We will work to resolve issues with colleagues by discussing problems directly and working toward agreed upon solutions.We will be considerate, cooperative and helpful to every staff member We will hold ourselves and each other accountable for addressing inappropriate comments and behaviour.We will make a conscious effort to compliment colleagues when their actions comply with these standards.
We aim to provide a high quality support and information service to people working within the legal community and their families. It’s important that we know about any problems so we can deal with them quickly and effectively.
We recognise that sometimes our service may not meet people’s needs or expectations and when this happens it’s important that we know about it so we can respond to any problems. This also helps us to continue to improve the service we offer.
What to do if you have a complaint about LawCare’s service, staff or volunteers Please contact the Chief Executive by email at email@example.com or write to her at Elizabeth Rimmer, CEO, LawCare PO Box 5192, Bath BA1 0UB
If your complaint is about the CEO please put this in writing to the Chair, Bronwen Still, PO Box 147, Benfleet, SS7 3WZ or email firstname.lastname@example.org
All complaints are confidential and will be acknowledged in writing within 3 days and where possible the outcome of any investigation notified to you within in 14 days.
ProcessThe CEO will notify the Chair of any complaint received. The complaint will be investigated by discussing it with relevant staff/volunteer/team and the complainant. The CEO will respond on behalf of LawCare (in consultation with the Chair) to the complainant and take any appropriate follow up action. Where the complaint is about the CEO, the Chair will follow the same process and consult with the Board.
The response may include:
• An explanation and an apology• An explanation of any relevant policy• An indication of changes made as a result of the complaint• Notification of any disciplinary action• A rejection of the complaint
There is no right of appeal to the Chair or Trustees as all complaints are responded to in consultation with them.