National Fraud Initiative (NFI) privacy notice
1 Council Contact Details
1.1 West Northamptonshire Council
One Angel Square
Tel: 0300 126 7000
This notice explains what personal data (information) we hold about you, how we collect it, how we use it and how we may share information that we hold about you in order to deliver our services. We are required to give you this information under data protection law. West Northamptonshire Council (WNC) is committed to protecting your privacy when you use our services. The Privacy Notice below explains how we use information about you and how we protect your privacy.
WNC complies with data protection legislation (the Data Protection Act 2018 and the UK General Data Protection Regulation (UK GDPR)) and are registered as ‘Data Controllers’ (Reg. No. ZA896620).
1.2 West Northamptonshire Council is required by law to protect the public funds it administers. It may share information provided to it with other bodies responsible for auditing or administering public funds, in order to prevent and detect fraud.
WNC participate in the Cabinet Office’s National Fraud Initiative (NFI), a data matching exercise to assist in the prevention and detection of fraud. We are required to provide sets of data to the Minister for the Cabinet Office for data matching.
Data matching involves comparing computer records held by one body against other computer records held by the same or another body to see how far they match. This is usually personal information. Computerised data matching allows potentially fraudulent claims and payments to be identified. Where a match is found it may indicate that there is an inconsistency which requires further investigation. No assumption can be made as to whether there is fraud, error or other explanation until an investigation is carried out.
The Cabinet Offices requires us to participate in a data matching exercise to assist in the prevention and detection of fraud. We are required to provide particular sets of data to the Cabinet Office for matching for each exercise, and these are set out in the Cabinet Office Guidance.
For further information on the Cabinet Office’s legal powers and the reasons why it matches particular information, see the National Fraud Initiative privacy notice.
1.3 Contact details:
The data controller for your matched personal data is the Cabinet Office. The contact details for the data controller are:
Head of the NFI
1 Horse Guards Road
Email: [email protected]
2 Information that we hold
Information used for data matching is already held within separate service secure systems within the Council. The data from one service is matched to another service or other Councils or government organisations. Data matching allows potentially fraudulent claims and payments to be identified.
2.1 The Council is required to take part in the NFI and to provide sets of data to the Minister for the Cabinet Office for data matching National Fraud Initiative privacy notice.
The NFI use information that you provide the Council when making a claim or applying for:
- personal budget/social care
- taxi driver licence
- market trader license
- personal alcohol licence
- social housing (current tenants and individuals on a housing waiting list)
- Right to Buy (completed and in progress)
- transport pass and permit
- Council Tax Reduction Scheme
- Universal Credit
- Housing Benefit
- other state benefits
- COVID-19 financial support
- help with NHS health costs
Information that you provide when seeking payment of an invoice from an organisation that takes part in the NFI. This is referred to as trade creditor standing and payment history data.
Information that you provide when seeking payment for employment from an organisation that takes part in the NFI. This is referred to as payroll data.
Information that you provide when registering to vote. This is referred to as Electoral Register data.
Information that you provide in relation to your council tax and in relation to your business rates.
Information that you provide in relation to residents in a private care home supported by an organisation that takes part in the NFI.
The data specifications setting out exactly what data we process in the above areas can be found on the National Fraud Initiative: public sector data specifications page.
3 How the information is obtained
3.1 Most of the personal information the Council process is provided to us directly by you or your representative for one of the following reasons:
- as part of an application for a service, discount or benefit
- supplier or contract for a service or product
- employee payroll
3.2 The NFI is conducted using the data matching powers bestowed on the Minister for the Cabinet Office by Part 6 of the Local Audit and Accountability Act 2014 (the Act). It does not require the consent of the individuals concerned under current data protection legislation. There are certain public sector bodies that are required to provide data for the NFI on a mandatory basis, including local authorities, such as West Northamptonshire Council. In addition, other bodies or organisations, such as Housing Associations, can provide data to the Cabinet Office for matching on a voluntary basis under schedule 9, 3 of the Act.
Data matching by the Cabinet Office is subject to a Code Of Data Matching.
West Northamptonshire Council has a zero tolerance for fraud and undertake data matching activities for certain services on a more frequent basis for the same purposes. More regular matching and/or bespoke data matching is completed using the NFI Fraud Hub which is an extension to the standard program of national matching, allowing NFI participant bodies to screen their data regularly and effectively in order to prevent errors in processing payments and to reduce fraud. WNC may rerun the same data matches securely within the NFI portal more often to support certain services within the Council.
It is estimated that losses to Government through fraud are in the region of £31bn to £49bn per annum. It is in all our interests to prevent fraud, and public bodies have a particular responsibility to ensure that taxpayers’ money is spent appropriately and is not taken out of the system fraudulently.
The fraud power in section 56 of the Digital Economy Act 2017 creates a permissive gateway that enables information to be shared between specified persons in order to share information and take action in connection with fraud against a public authority. Information sharing between public authorities will help to improve the ability to identify and reduce the risk of fraud against WNC and recover public sector funds.
Fraud against a public authority for the purposes of the Digital Economy Act 2017 means a fraud offence which involves (a) loss to a public authority, or (b) the exposure of a public authority to a risk of loss. Taking action in the context of this power includes: preventing, detecting, investigating and prosecuting fraud, bringing civil proceedings, and taking administrative action as a result of fraud.
The legislation which supports the NFI and Fraud Hub for data matching purposes are:
- Local Audit and Accountability Act 2014
- The Digital Economy Act 2017
4 What we do with the information
4.1 We use the information that you have given us in order to enable the Council to fulfil its financial responsibility and regulatory requirements in preventing and detecting fraud or error.
The information will only be used for these purposes. Information will not be sold, rented or provided to anyone else, or used for any other purpose than that for which it was originally collected unless required to by law.
4.2 Information may be shared in the following circumstances:
- Shared internally with other WNC services in order to identify fraud or error, ensure our records are accurate and up-to-date, and to improve the standard of the services we deliver
- Shared with other local authorities, and/or government departments including law enforcement in order to identify fraud or error, to ensure our records are accurate and up-to-date, and to improve the standard of the services we deliver
Information sharing is undertaken in accordance with UK GDPR and the Data Protection Act 2018.
5 How long we keep your information for and how we securely dispose of it after use
5.1 We keep your personal information for as long as regulatory bodies require us to and in line with the Council’s retention schedules.
5.2 Where a possible fraud has been highlighted but no fraud identified, information will be securely destroyed and not retained for these purposes. All data matched records are retained until the end of the initiative program of two years. If a match leads to a fraud, the investigation records are held for two years from the conclusion date, unless convicted by a criminal court, where the record is held for five years from date of conviction.
6 How we store your information
6.1 Your information is securely stored on the Council’s systems and the extracted matched information is held securely within the National Fraud Initiative portal. Access to this information is secure and restricted to Council appointed staff only.
7 Your data protection rights
7.1 The law gives you a number of rights to control what personal information is used by us and how we can use it. Please see section 15 of the council’s Corporate Privacy Notice for further information.
7.2 Please be aware that your rights may differ depending on the lawful basis for processing your personal data.
8 Who to contact
8.1 If you would like further information about how we use your personal information, or you wish to exercise one of your data rights or you wish to complain about the use of your personal information please contact the Data Protection Officer:
8.2 If you are still dissatisfied once you have contacted the Data Protection Officer, you have the right to complain to the ICO.
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113
9 Changes to this privacy notice
9.1 Privacy notices are live documents, which will be updated or revised in line with legislation.
Last updated 29 July 2022