Providing data analysis support to Partners

Age UK are setting up a programme that will provide support to Partners to help analyse your data. Find out how to get involved.

As you know, Age UKs collect data from delivering services to older people, their families, and carers which requires analysis on an almost daily basis. This allows Partners to report on these services, provide insight to understand service users and improve services. However, we are aware that for some Partners there either is not the capacity internally to do this analysis, or the access to software required to fully explore the data. Therefore, Age UK are setting up a programme that will provide support to Partners to help analyse your data. Full details can be found below.

Age UK are setting up a programme that will allow Partners to access support from Age UK to analyse their data.

This support will cover:

  • Statistical analysis of existing datasets, from small single-issue datasets to whole service or organisation datasets
  • Support to consider data collection, and plans to improve data collection
  • Provide support to plan analysis and embed analysis in day to day operations
  • Support to interpret and create action plans based on findings from analysis

If you are interested in taking part, or have any questions, please contact This offer is not time limited and will be available as a support offer until further notice.

In case you missed it: we posted earlier this week about a new template Data Privacy Impact Assessment resource which may also be of interest. Click here for further details.

New resource available – template Data Privacy Impact Assessment

Colleagues at Age UK have developed a template to respond to recent enquiries from Partners about how to complete a Data Privacy Impact Assessment (DPIA).

In response to a number of recent enquiries from partners about how to complete a Data Privacy Impact Assessment (DPIA), colleagues at Age UK have developed a template, based on what we do at Age UK. The sections follow the same structure as the ICO template, but include some examples and more specific questions to help guide people and prompt them to consider what an answer might look like / prevent them from over-thinking the exercise.

At the end of the document, there are some helpful ICO links and a link to the GDPR toolkit, which talks about DPIAs. There are also pointers to key documents that usually accompany a DPIA: a data flow and risk assessment.

The guidance can be found here.

Please note that the first paragraph is a message for whoever is completing the DPIA and should be deleted upon completion.

Information & Advice Quality Programme – common areas identified for improvement

Age UK’s Quality & Transformation Team have identified some common areas for improvement across the advice sector. Find the most recent trends below.

Age UK’s Quality & Transformation Team regularly review areas of compliance with the I&A Quality benchmarks, so that we can share learning across the network. We have found that the most common areas identified for improvement are similar to those identified across the independent advice sector as a whole and are important elements of quality assurance. Read on to view the most recent trends.

Most common areas of non-compliance for Quality of Advice

  • Lack of sufficient relevant information gathered to give correct advice
  • Insufficient advice recorded or incomplete advice given e.g. no means-tested benefits check when disability benefits awarded
  • Limited use of Factsheets and Information Guides to back up advice given
What can be done to avoid these?

Training in case-recording and/or the key Age UK topic areas of benefits and community care can help ensure your clients are getting the correct advice – further details can be found on the loop here.

Most common areas of non-compliance for Service Management

  1. Data Protection / Client confidentiality e.g. lack of consent or secure storage of client data
  2. Not recording sufficient client details for information enquiries (leading to under- reporting of work, clients needing to repeat their story on returning)
  3. Lack of Technical Supervision of advisors (usually of the Manager), including regular file checking to ensure accurate advice is given
  4. Lack of planning for a sustainable service
What can be done to avoid these?
  1. Ensure you have evidence of the clients’ consent to process their data, including to store it, share it with third parties, and share it with Age UK for quality audit. Ensure you record and date consent on the client record.

Please Note: legitimate interests as a basis for processing the data should not be used for special category data (i.e. personal sensitive data e.g. health, politics, ethnicity, religion). The ICO sets a higher bar for the way this data is handled, as it could create a higher risk of, for instance, unlawful discrimination. Consent is the best way to treat this type of data, as it is most transparent and simple.

The GDPR Toolkit on the loop can be found here.

  1. Ensure all staff providing I&A are aware of your procedures for recording information enquiries. This helps ensure the client does not have to keep repeating their “story”, and ensures you are not under-recording your work and reach. Enquiries should not routinely be recorded as “Anonymous” – only if consent is not given, or for very simple enquiries.
  2. Ensure you have procedures for both regularly checking the accuracy of advice and that your case management procedures are being followed, as well as the more in depth file reviews (IFRs) carried out less frequently. Ensure these include the advice carried out by the Supervisor or Manager). This is even more important when staff are working remotely or from home.
  3. Ensure the current year 12 month plan and budget is regularly reviewed. A short outline plan for the following 2 years is needed – it does not need to be in detail but should include an outline plan for a sustainable service.

Additional support newsletter from Stephens Scown

Stephens Scown have produced a newsletter to introduce the other services they offer to support the charity sector.

Stephens Scown, who offer the Age UK HR Express service, have put together a newsletter that describes the other areas of legal advice where they are able to offer support e.g. charity law, commercial real estate, business disputes, intellectual property and data protection. This support would be charged for. To find out more, please click here.

Important Changes to the DBS Verification Process for local Age UKs

Local Age UKs need to make a change to the verification process for your DBS checks to make sure Age UK doesn’t receive confidential information about your employees and volunteers.

Age UK have been receiving some emails from GBG notifying us of the progress of DBS checks requested by local Age UKs. This means we receive personal, confidential information about your employees and volunteers which we shouldn’t have access to. To make sure that we don’t get these emails, the Disclosure Manager at your organisation will need to log in to the GBG system and change the verification process so that Age UK doesn’t get any notifications. An explanation of how to do this is linked below.

GBG have a number of User Guides available on the home page when you first log-in, these provide step-by-step instructions on most activities including how to change your Disclosure Manager and Verifier. If you have any questions, please contact:

Age UK have recently agreed our DBS policy and procedure, this provides clarity on our decision-making on the use of DBS, especially at Basic level where there is no set criteria on the roles this applies to. It also includes guidance on the required frequency of checks and how long personal data will be stored for. If you don’t have a DBS Policy and procedure, and would like to see a copy of the Age UK version as an example, please email

Updated resources to help you ensure GDPR compliance

We’ve received a number of enquiries regarding GDPR compliance and how to ensure this when working in quite different ways due to the pandemic.

Over recent weeks, we’ve received a number of enquiries regarding GDPR compliance and how to ensure this when your organisations are working in quite different ways. We’ve also sadly learnt from the closure of a couple of partners, that without the right wording in your privacy policy, service users can be left without any access to alternative support or information about other options when an organisation closes.

We have therefore:

Updated the GDPR toolkit on the loop – to include latest insights into effective GDPR implementation. Click here to view.

Added a paragraph to our template privacy policy for partners – making it possible for you to transfer people’s data should your organisation need to close suddenly. Click here to view.

Worked with experts at Zurich to develop a webinar that covers how you can ensure effective information security during the pandemic. Click here to view.

We hope you find these resources useful and if you have any questions, need further support please contact the Partner Helpdesk –

Zurich’s Information Governance webinar now available to view

The latest Zurich webinar covers Information Governance, including some simple actions to help you take control of data across your organisation.

The latest of the Zurich webinars is now available. Delivered by Steve Tyrell, Zurich’s UK Information Governance Officer, this webinar covers Information Governance – specifically how some simple changes can help you to have more control over the data across your organisation. You can view the full recording along with downloadable slides later in this article.

Zurich describe the webinar as follows:

Information Governance (IG) is not IT Security. IG is about ensuring you know where your data is, how it is classified and how it moves about your organisation, but more critically, whether it gets shared externally. Having some simple controls in place that don’t need big investments of IT spend can be really helpful.  

You are probably doing some of this now but also there will be areas to consider where simple changes can help demonstrate to your employees, customers and other people who you interact with that you take protecting data seriously.  

You should be able to take away some simple actions that could help you better control data, taking into account changes that you may have needed to make to your working practices and how you operate your procedures in light of Covid-19. This in turn will help you get more comfort around compliance with aspects of Data regulation (GDPR).

Click below to download the accompanying slides and view the full webinar underneath:

There is an option to leave feedback on these webinars via this link. So far Zurich have received only a handful of feedback forms across all webinars shared. Feedback provided will help to shape the content of these free webinars and will help demonstrate to Zurich that their support is very much valued!