15 Nov 2021
by Carole Broughton

From 11 November 2021, staff, volunteers and visiting professionals must be fully vaccinated against COVID-19, or have an exemption, if they enter a care home in England. 

The new measures have implications for data protection compliance, but there are new resources to help providers.  The regulations say that a care home may process information about vaccination or medical exemption status, but this must be done in a way that is consistent with data protection legislation. This includes updating information asset registers, records of processing activity, and the organisation’s privacy notice. Care homes will also be required to complete a data protection impact assessment (DPIA).

Digital Social Care has published information on the requirements, including a draft privacy policy and DPIA.  Find out more.  

These resources may also be of interest to homecare services, who will need to comply with vaccination as a condition of employment from 1 April 2022, though we would hope versions of the above documents drafted specifically for the homecare sector would be issued in due course.

Separately, on data protection compliance more generally, Digital Social Care’s Better Security, Better Care team is offering a free, limited service to check individual care providers’ responses to DSPT questions and provide advice. More about the DSPT review service.  

Care providers are invited to take the Better Security, Better Care quick quiz on keeping data safe. Take the Just a Minute quiz.

Thank you to the Care Provider Alliance for this information. 

Related topics