Implementing GDPR within NHS Digital
We have built on our track record of data security and our compliance with the Data Protection Act 1998 (DPA) to remain compliant with changing data protection law. We established an internal working group to implement the GDPR before it came into effect. This group was supported by guidance issued by the ICO and the GDPR health working group. We outlined our strategic approach in our GDPR Strategy document and in our GDPR Prioritisation plan.
Impact on customers and stakeholders
Our systems and services have not changed and there has been no impact on our service delivery.
Impact on the public whose data we hold
Our duty to safeguard patient data has not changed and is our priority. The GDPR creates some new rights for individuals and also it strengthens some of the rights that currently exist under the DPA. We have worked to make sure that these rights are properly implemented, and any changes in the ways we collect, store or share your data are communicated through the website.
Last edited: 21 May 2019 1:02 pm