GDPR Statement
We are proud to provide high quality healthcare services to our customers. Data Protection legislation is not new to us, and we have been complying with the Data Protection Act since 1998. The GDPR sets the benchmark for data protection compliance, and we continually strive to achieve these stringent standards.
We have implemented both technical and organisational measures to ensure we are compliant with legislation. We regularly review all our systems and applications, and remedial action is taken where necessary to keep personal data secure.
We are confident that we can demonstrate our accountability and compliance. Our Data Protection policies and procedures are periodically reviewed and updated to ensure we are up-to-date and compliant to the GDPR. Third party contracts have been reviewed to ensure they are in line with Brexit and the changes affecting data processing.
Article 30 of the GDPR requires specific records to be kept of data processor activities. We have data inventories across all of our business areas to map what personal data we hold on behalf of data subjects, where it comes from, who we share it with and what we do with it. This provides us with the foundation of our GDPR compliance.
We promote a positive culture of data protection and compliance through awareness and training for all staff.