Privacy Notices - Data matching and the National Fraud Initiative

Introduction

Swindon Borough Council is required by law to protect the public funds it administers. As part of this responsibility it is required to share information provided to it with other bodies to prevent and detect fraud or error.

One of these exercises is the National Fraud Initiative, where the council and many other organisations are required to submit data for matching and analysis for this purpose.

The council also carries out internal data matching for the same purpose.

It also provides information to external bodies, for example we currently contract a third-party data analysis company, who analyses our Council Tax data to help us identify fraud and error

You need to be aware of this privacy notice if you apply for council services that take part in the Cabinet Office’s National Fraud Initiative exercise, or apply for services that are subject to external data matching with external bodies, or for services where the council carries out internal data matching to prevent and detect fraud and error.

Who is collecting and using your personal data?

Swindon Borough Council is the data controller for the personal information collected as part of the National Fraud Initiative, until it is submitted to the Cabinet Office for data matching.

The data controller for the data matching is the Cabinet Office, who then return potential matches to be investigated to the council’s internal audit section, via a secure website.

For internal data matching exercises and data matching with other external bodies the council is the data controller.

Your personal data – what is it?

Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of data is governed by the General Data Protection Regulation 2016/679 (the “GDPR”).

What personal data do we collect?

For the National Fraud Initiative exercise the information we are required to submit by law in this data matching exercise is determined by the Cabinet Office.

Personal data from the following systems are collected and sent to the Cabinet Office:

  • HR and Payroll
  • Pensions (provided by Wiltshire Pension fund)
  • Trade creditors’ payment history and trade creditors’ standing data
  • Housing (current tenants) and right to buy
  • Housing waiting lists
  • Housing benefits (provided by the Department for Work and Pensions)
  • Council tax reduction scheme
  • Council tax (required annually)
  • Electoral register (required annually)
  • Students eligible for a loan (provided by the Student Loans Company)
  • Private supported care home residents
  • Transport passes and permits (including residents’ parking, blue badges and concessionary travel. Blue badge and concessionary travel data are supplied directly by the companies who administer these systems on behalf of the Council)
  • Licences – market trader/operator, taxi driver and personal licences to supply alcohol
  • Personal budgets (direct payments).

The council uses these datasets in internal data matching exercises and may add to this list in the future. Where required, appropriate data sharing arrangements are in place.

We currently contract a third-party data analysis company, who analyses our Council Tax data to help us identify fraud and error.

How do we process your personal data?

Swindon Borough Council is required by law to protect the public funds it administers. We share information provided with other bodies in order to prevent and detect fraud or error. We also periodically match this data using tools within the council for the same purpose.

This data matching involves comparing computer and paper records held by one body against other computer records held by the same or another body to see how they match.

This data matching allows potentially fraudulent claims and payments to be identified.

Where a match is found it may indicate that there is an inconsistency which requires further investigation. No assumption is made as to whether there is fraud, error or other explanation until an investigation is carried out.

When fraud or error is identified, we take action and update records accordingly.

How the law allows us to use your information

The use of data by the Cabinet Office in a data matching exercise is carried out under Part 6 of the Local Audit and Accountability Act 2014 and is mandatory.

It does not require the consent of the individuals concerned under the Data Protection Act 2018.

Other data matching is carried out in line with the requirements of the Data Protection Act 2018, or other relevant legislation.

Who do we share your information with?

We share the information you have provided with the Cabinet Office and other mandatory and voluntary participants in the National Fraud Initiative.

The full list of mandatory and non-mandatory participants and more information about the National Fraud Initiative exercise in the Cabinet Office’s privacy notice.

We currently contract a third-party data analysis company, who analyses our Council Tax data to help us identify fraud and error.

How do we protect your information?

We will do what we can to make sure we hold records about you in a secure way, and we will only make them available to those who have a right to see them.

For the National Fraud Initiative we use the Cabinet Office’s secure portal for submission of data and review of matches.

What you can do with your information

Your rights under the National Fraud Initiative are stated in the Cabinet Office's privacy notice.

All processing related to internal data matching and handling of data in the council is subject to the provisions of the Data Protection Act 2018.

The Data Protection Act 2018 gives you a number of rights in relation to your data, although some exemptions relating to the prevention and detection of crime may apply.

For further details on how your information is used, how we maintain the security of your information, and your rights to access information we hold on you please contact customerservices@swindon.gov.uk or contact the Data Protection Officer at:

Swindon Borough Council
Civic Offices
Euclid Street
Swindon
SN1 2JH

Your right to complain

If you consider that your personal data has been misused or mishandled, you may make a complaint to the Information Commissioner, who is an independent regulator. The Information Commissioner can be contacted at:

Information Commissioner's Office 
Wycliffe House 
Water Lane 
Wilmslow 
Cheshire 
SK9 5AF 

Telephone: 0303 123 1113

Email: casework@ico.org.uk

Any complaint to the Information Commissioner is without prejudice to your right to seek redress through the courts.

Main privacy notice

You are viewing the Privacy Notice for data matching and the National Fraud Initiative.

Read the main Privacy Notice