Data Protection Impact Assessment Policy 2021

1. Introduction

1.1 HEE is committed to ensuring that a Data Protection Impact Assessment (DPIA) system is in place to meet legal and statutory obligations regarding privacy, confidentiality, and data protection.

1.2 DPIAs are a mandated structured assessment of the potential impact on confidentiality, privacy, and data protection legislation for new or changed programmes, projects, processes, or systems involving personal and / or special category data. It is important that all new programmes, projects, processes, information systems and other relevant information assets are developed and implemented in a secure and structured manner and comply with legal and statutory requirements.

2. Purpose

2.1 All new programmes, projects, processes, and systems, which are introduced within the organisation must comply with confidentiality, privacy, and data protection / Caldicott requirements (Annex A). All new programmes, projects, processes, or systems must be tested against these requirements before they are introduced.

2.2 This policy and accompanying procedure detail the process to be followed to ensure a formal assessment is completed. To determine whether any proposed changes to HEE's programmes, projects, processes, systems, and information assets impact on the confidentiality, integrity and accessibility of personal and / or special category data, HEE will utilise the DPIA to test against these requirements.

3. Scope

3.1 This policy applies to all departments and functions within HEE and those working on behalf of HEE.

3.2 Adherence should be observed by all members of staff, contractors and partner organisations working on behalf of HEE, that introduce new programmes, projects, processes or systems that are likely to involve a new use or significant change to the way in which personal and / or special category data is handled and processed.

4. Definitions

4.1 Anonymisation

Anonymous information is information which does not relate to an identifiable person or has been modified in such a manner that the data subject is no longer identifiable. Anonymisation is different from pseudonymised data as outlined below.

4.2 Data Protection Impact Assessment (DPIA)

A DPIA is an evaluation tool mandated by data protection legislation designed to systematically analyse, identify, minimise, and address the data protection, confidentiality, and privacy risks of an information asset and / or information flow.

4.3 Information Asset Administrator (IAA)

IAAs provide operational support to their IAOs and have a range of duties including ensuring that HEE's IG policies and procedures are followed. IAAs are individuals with delegated management responsibility for information assets and they are responsible to the IAO for the content, operation and performance of an asset, ensuring information assets are adequately protected to ensure confidentiality, integrity, and availability.

4.4 Information Asset Owner (IAO)

IAOs are responsible for ensuring that risks to information assets are addressed, adhering to compliance as stated within policy within their area of responsibility, and for reporting assurance and any significant risks to the Information Governance (IG) team and SIRO.

IAOs are responsible for ensuring that appropriate actions are taken within their service for protecting against any reasonably anticipated threats or hazards to the confidentiality, availability, integrity, and security of the information. Delegated responsibilities may be cascaded to other members of staff known as Information Asset Administrators (IAAs).

4.5 Personal data

Any information relating to a person (a ‘data subject’) who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person.

4.6 Pseudonymisation

Pseudonymisation refers to the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information. The additional information, or key, must be kept separately and securely and is subject to technical and organisational measures; ensuring that the personal data is not attributed to an identifiable living person. For instance, two separate spreadsheets, each containing half of the data subject’s personal identifiers.

4.7 Senior Information Risk Owner (SIRO)

The SIRO (Director of Corporate Accountability and Engagement) should be familiar with confidentiality, privacy and data protection risks and provides the focus for the management of information risk. The SIRO provides the Chief Executive with assurance that information risk is being managed appropriately and effectively across the organisation and therefore must ensure that DPIAs are carried out for all new or significantly changed programmes, projects, processes and systems as required.

4.8 Special category data

Special category data is personal data that is deemed more sensitive, and therefore needs more protection. This type of data could create more significant risks to a person’s fundamental rights and freedoms for example, by putting them at risk of unlawful discrimination. The following information about an individual is categorised as special category data:

  • race.
  • ethnic origin.
  • politics.
  • religion.
  • trade union membership.
  • genetics.
  • biometrics (where used for ID purposes).
  • health.
  • sex life; or
  • sexual orientation.

5. Duties

5.1 Responsibility for ensuring that the Screening Questions and DPIAs are completed, where required, resides with all IAOs, Heads of Service and HEE's SIRO.

5.2 Line Managers are responsible for ensuring that their members of staff (permanent, temporary, contractors or otherwise) are aware of the DPIA process.

5.3 Members of staff that are implementing or changing a programme, project, process, or system, should use this policy to ensure that processing remains compliant with current legislation.

5.4 This policy applies to all members of staff and all types of information processed by HEE. Further details of responsibilities are to be found in the organisation’s other policies and procedures.

5.5 The IG team are responsible for providing advice and guidance in relation to any confidentiality, privacy or data protection risks as well as suggesting mitigating actions to reduce the likelihood and impact of any identified risks.

5.6 The IG team are responsible for the identification of those information assets which require a retrospective DPIA.

5.7 IAOs are responsible for the completion of retrospective DPIAs as required.

5.8 IAOs are responsible for signing off completed DPIAs and by doing so are accepting the risks to the programme, project, process, or system which have been identified within the DPIA.

6. Background to the Data Protection Impact Assessment Process

What is a Data Protection Impact Assessment?

6.1 DPIAs are mandated structured assessments of the potential impact on confidentiality and privacy for new or significantly changed programmes, projects, processes or systems. The DPIA should form part of the overall risk assessment of a new or changed programme, project, process, or system.

6.2 DPIAs support HEE to:

  • anticipate and address likely impacts of new programmes, projects, processes, and systems.
  • identify privacy risks to individuals.
  • foresee problems and negotiate solutions.
  • protect the reputations of HEE and data subjects.

When should a Data Protection Impact Assessment be undertaken?

6.3 Not every new or amended programme, project, process, or system will require a DPIA. Only projects which contain personal and / or special category data, or data that has the means to identify an individual, require a DPIA.

6.4 The Information Commissioner’s Office (ICO) recommends that DPIAs are completed prior to:

  • using innovative technology.
  • profiling or processing special category data to decide on access to services.
  • profiling individuals on a large scale.
  • processing biometric and / or genetic data.
  • matching data or combining datasets from different sources.
  • collecting personal data from a source other than the individual without providing them with a privacy notice (‘invisible processing’).
  • tracking individuals’ location or behaviour.
  • profiling children or targeting marketing or online services at them.
  • processing data that might endanger the individual’s physical health or safety in the event of a security breach.

The ICO also recommends that it is good practice to complete a DPIA for any project involving the use of personal and / or special category data, which aligns with the DPIA advice from the Cabinet Office in relation to Arm's Length Bodies (ALBs).

6.5 DPIAs are most effective when they are conducted at an early / initiation stage of a programme, process, project, or system. Usually this will be at the design stage and ideally before any systems have been procured.

6.6 The completion of DPIAs is mandated by the Cabinet Office for all NHS programmes, projects, processes, and systems which involve the use of personal and / or special category information.

6.7 DPIAs must also be completed when commissioning new services to ensure that any personal and / or special category data is sufficiently safeguarded when processed by a third party. HEE requires assurances that the data outside of our organisational boundaries is adequately protected.

6.8 DPIAs must be used when scoping for new systems. Completing the DPIA screening questions must form part of the process for service specifications.

Who should conduct a Data Protection Impact Assessment?

6.9 The initial screening questions of the DPIA should be completed by the IAO or delegated to the IAA or a relevant member of the project team.

6.10 The completed DPIA should be reviewed by the IG team and where appropriate the SIRO, Data Protection Officer (DPO) and Chief Technology Officer (CTO) prior to being signed off by the IAO.

What happens to a completed Data Protection Impact Assessment (DPIA)?

6.11 Completed DPIAs should be reviewed by the appropriate project team and / or the project's IAO. Once agreed by the IAO, the DPIA will be reviewed by the IG team, who will highlight any relevant data protection, confidentiality and privacy risks and provide advice and guidance as to how to mitigate identified risks appropriately.

6.12 The relevant Head of Service / IAO is responsible for signing off the DPIA, if satisfied that the security of data is not and will not be compromised. By signing off the DPIA the Head of Service / IAO is accepting any risks to the project documented within the DPIA.

6.13 If the protection of the data cannot be satisfied, the new programme, project, process or system should be reviewed prior to its implementation. Any significant privacy risks that are identified and cannot be mitigated must be escalated to the ICO for review.

6.14 A summary of non-compliance for DPIAs should be presented to the Information Governance Steering Group (IGSG) (held on a bi-monthly basis).

6.15 DPIAs satisfying compliance should be presented to the IGSG, documented, and referenced on a central information system register keeping account of all new or significantly changed programmes, projects, processes and systems containing personal and / or special category data.

6.16 DPIAs should form part of any project initiation documentation.

7. Data Protection Impact Assessments (DPIAs)

Framework

7.1 All new or significantly changed programmes, processes, projects, or systems that involve personal and / or special category data that are planned to be introduced must comply with confidentiality, privacy and data protection legislation and requirements.

7.2 The purpose of the DPIA is to highlight any confidentiality and privacy risks associated with a programme, project, process, or system. The key deliverable of a DPIA is a report which captures the detail of potential risks and impacts identified and the solutions or actions that will reduce the impact or mitigate the risk.

7.3 Data Protection Principles should be applied throughout all programmes, projects, processes, or system lifecycles.

7.4 The DPIA should be started early into the programme, project, process, or system life cycle ensuring that confidentiality and privacy risks are identified and considered before they are implemented into the design and reviewed regularly throughout the lifecycle.

7.5 Privacy and confidentiality implications should be considered at each phase of the programme, project, process, or system lifecycle.

7.6 A DPIA should be conducted by members of the project team, with a strong understanding of the programme, project, process, or system itself, usually the IAO. Advice and guidance regarding Information Security, Data Protection, Caldicott Principles, Information Sharing, Data Quality and Records Management is available from the IG team (ig@hee.nhs.uk) as required.

7.7 The outcomes of a DPIA should:

  • identify the data protection, confidentiality, and privacy implications of the project.
  • consider the impacts or processing from the perspectives of all stakeholders.
  • identify ways in which negative impacts on privacy can be avoided.
  • identify ways to lessen negative impacts on privacy.
  • provide clarity as to the business need for processing where a negative impact on privacy is unavoidable.

Projects

7.8 To assist in completing the Screening Questions for a DPIA, a ‘Project Purpose’ should be completed. See Annex B for further guidance.

7.9 There are two steps in the DPIA process:

Step 1 - Screening Questions

i. The DPIA screening questions should be completed for all new or significantly changed programmes, projects, processes, or systems and returned to the IG team for review.

ii. Completion of the screening questions will constitute adequate documentation to make a judgement on whether a full DPIA is required.

iii. Example projects that require screening questions to be completed can be viewed within Annex C.

Step 2 - Data Protection Impact Assessment – completion following advice from the IG Team.

i. A DPIA which the IG team deem as medium / high requires extensive consultation with stakeholders and the Project Board.

ii. In instances where the information or system is deemed to be medium or high risk, a DPIA consultation group should be formed, consisting of the project's stakeholders, to discuss data protection, confidentiality, and privacy risk in detail. Members of the group should include:

  • Project Lead / Manager
  • Head of Service
  • Information Asset Owner (IAO)
  • Information Governance (IG) Lead
  • Chief Technology Officer
  • Key Stakeholders

7.10 Where the DPIA is deemed as high risk and the documented risks cannot be mitigated to an acceptable level the IG team must refer the DPIA to the ICO for review.

8. Equality Analysis

8.1 As a public body, HEE will give due regard to the need to avoid discrimination and promote equality of opportunity for all members of staff when making policy decisions and implementing this Policy and procedures.

8.2 HEE will also be monitoring the outcome of this policy (on an anonymous basis) to ensure there are no underlying themes relating to equality or any other characteristics that suggest any organisation or policy bias.

9. Implications and Associated Risks

9.1 Any new or significantly changed programmes, projects, processes and systems which use personal and / or special category data and have not had at least the screening questions completed may be in breach of data protection legislation and pose a privacy risk for the ‘data subjects’ involved in the processing activity.

9.2 Where screening questions and / or a DPIA have not been completed prior to the implementation of a new or significantly changed programme, project, process or system, an incident report should be completed in the first instance as due process has not been followed. Retrospective screening questions and / or a DPIA should then be completed.

9.3 Where a DPIA has not been completed for a new or significantly changed programme, project, process or system that involves a ‘high risk’ to the rights and freedoms of ‘data subjects’ this may result in a fine from the ICO.

10. Education and Training Requirements

10.1 The IG team can deliver a training package to any individuals or teams who require DPIA training. Although the training is not mandatory, it is advised that those members of staff who are involved with the DPIA process attend. Training can be booked via the IG team (ig@hee.nhs.uk).

11. Monitoring Compliance and Effectiveness

11.1 Data protection, confidentiality and privacy risks should be monitored throughout the project management cycle. Project Managers and IAOs should ensure that the DPIA process is revisited should there be a substantial change to a programme, project, process or system, a significant privacy risk raised, or when a notifiable incident occurs.

11.2 The IAO is responsible for identifying an IAA to ensure the new or changed programme, project, process, or system is recorded on HEE's Information Asset Register (IAR) (CoreStream). The IG team will review HEE's IAR to ensure that the asset has been recorded and the DPIA is uploaded to the relevant asset or information flow.

11.3 Where risks to the programme, project, process or system have been documented within the DPIA, IAOs should revisit these risks on a regular basis to ensure that mitigating actions are being applied consistently and the likelihood and impact of the risks has not increased.

11.4 Where information assets are identified as business-critical or contain a high volume of personal and / or special category information, and a DPIA has not been carried out, the IG team will request that a retrospective DPIA is carried out by the relevant IAO.

12. Associated Documentation

  • HEE Data Protection Impact Assessment Procedure
  • HEE Data Protection Policy
  • HEE Incident Reporting Policy
  • HEE Information Risk Management Policy
  • HEE Information Security Policy
  • HEE Records Management Policy
  • HEE Business Continuity Policy

13. References

  • Caldicott Principles
  • Data Protection Act 2018
  • General Data Protection Regulation 2016
  • National Data Guardian - Data Security Standards

ANNEX A - Data Protection and Caldicott Principles

Data Protection Principles of the Data Protection Act 2018

1. The processing of personal data must be lawful, fair and transparent

The processing of data is lawful only if and to the extent that at least one of the following conditions in schedule 9 of the Data Protection Act 2018 is met:

a) The data subject has given consent to the processing

b) The processing is necessary

i) for the performance of a contract to which the data subject is a party

ii) in order to take steps at the request of the data subject prior to entering into a contract

c) The processing is necessary for compliance with a legal obligation to which the controller is subject, other than an obligation imposed by a contract

d) The processing is necessary in order to protect the vital interests of the data subject or of another individual

e) The processing is necessary

i) for the administration of justice

ii) for the exercise of any functions of either House of Parliament

iii) for the exercise of any functions conferred on a person by an enactment or rule of law

iv) for the exercise of any functions of the Crown, a Minister of the Crown or a government department, or

v) for the exercise of any functions of a public nature exercised in the public interest by a person

f) The processing is necessary for the purposes of legitimate interests pursued by

i) the controller, or

ii) the third party or parties to whom the data is disclosed

In the case of sensitive processing, at least one of the following conditions identified in schedule 10 of the Data Protection Act 2018 must also be met.

a) Consent to processing – the data subject has given consent to the processing

b) Right or obligation relating to employment – the processing is necessary for the purposes of exercising or performing any right or obligation which is conferred or imposed by an enactment or rule of law on the controller in connection with employment

c) Vital interests of a person – the processing is necessary

i) in order to protect the vital interests of the data subject or another person in a case where

  • consent cannot be given by or on behalf of the data subject, or
  • the controller cannot reasonably be expected to obtain the consent of the data subject, or

ii) in order to protect the vital interests of another person, in a case where consent by or on behalf of the data subject has been unreasonably withheld

d) Safeguarding of children and of individuals at risk – this condition is met if

i) the processing is necessary for the purpose of

  • protecting an individual from neglect or physical, mental, or emotional harm, or
  • protecting the physical, mental, or emotional well-being of an individual

ii) the individual is

  • aged under 18, or
  • aged 18 or over and at risk

iii) the processing is carried out without the consent of the data subject for one of the reasons outlined in sub-paragraph e, and

iv) the processing is necessary for reasons of substantial public interest

The reasons mentioned in sub-paragraph d)iii) are –

i) in the circumstances, consent to the processing cannot be given by the data subject

ii) in the circumstances, the controller cannot reasonably be expected to obtain the consent of the data subject to the processing

iii) the processing must be carried out without the consent of the data subject because obtaining the consent of the data subject would prejudice the provision of the protection mentioned in sub-paragraph d)i)

For the purposes of this paragraph, an individual aged 18 or over is "at risk" if the controller has reasonable cause to suspect that the individual –

i) has needs for care and support

ii) is experiencing, or at risk of, neglect or physical, mental, or emotional harm, and

iii) as a result of those needs is unable to protect himself or herself against the neglect or harm or the risk of it

In sub-paragraph d)i), the reference to the protection of an individual or the well-being of an individual includes both protection relating to a particular individual and protection relating to the type of individual.

e) Data already published by data subject – the information contained in the personal data has been made public as a result of steps deliberately taken by the data subject

f) Legal proceedings etc – the processing

i) is necessary for the purpose of, or in connection with, any legal proceedings (including prospective legal proceedings)

ii) is necessary for the purpose of obtaining legal advice, or

iii) is otherwise necessary for the purposes of establishing, exercising or defending legal rights

g) Administration of justice, parliamentary, statutory etc. and government purposes – the processing is necessary

i) for the administration of justice

ii) for the exercise of any functions of either House of Parliament

iii) for the exercise of any functions conferred on any person by an enactment or rule of law, or

iv) for the exercise of any functions of the Crown, a Minister of the Crown or a government department

h) Medical purposes

i) The processing is necessary for medical purposes and is undertaken by –

  • a health professional, or
  • a person who in the circumstances owes a duty of confidentiality which is equivalent to that which would arise if that person were a health professional

ii) In this paragraph, “medical purposes” includes the purposes of preventative medicine, medical diagnosis, medical research, the provision of care and treatment and the management of healthcare services

j) Equality – the processing

i) is of sensitive personal data consisting of information as to racial or ethnic origin

ii) is necessary for the purpose of identifying or keeping under review the existence or absence of equality of opportunity or treatment between persons of different racial or ethnic origins, with a view to enabling such equality to be promoted or maintained, and

iii) is carried out with appropriate safeguards for the rights and freedoms of data subjects

2. The purpose for which data is collected on any occasion must be specified, explicit and legitimate, and personal data so collected must not be processed in a manner that is incompatible with the purpose for which it is collected.

3. Personal data must be adequate, relevant, and not excessive in relation to the purpose for which it is processed.

4. Personal data undergoing processing must be accurate and, where necessary, kept up to date.

5. Personal data must be kept for no longer than is necessary for the purpose for which it is processed.

6. Personal data must be processed in a manner that includes taking appropriate security measures as regards risks that arise from processing personal data.

Caldicott Principles

The Caldicott Principles were developed and implemented following a review of how patient information was handled across the NHS. There are 7 principles that organisations should follow to ensure that information that can identify a patient is protected and only used when appropriate to do so. HEE does not generally hold patient information; however, the principles should be applied to all personal data the organisation holds.

1. Justify the purpose(s).

Every proposed use or transfer of personal confidential data within or from an organisation should be clearly defined, scrutinised, and documented, with continuing uses regularly reviewed by an appropriate guardian.

2. Do not use personal confidential data unless it is absolutely necessary.

Personal confidential data items should not be included unless it is essential for the specified purpose(s) of that flow. The need for patients to be identified should be considered at each stage of satisfying the purpose(s).

3. Use the minimum necessary personal confidential data.

Where use of personal confidential data is considered to be essential, the inclusion of each individual item of data should be considered and justified so that the minimum amount of personal confidential data is transferred or accessible as is necessary for a given function to be carried out.

4. Access to personal confidential data should be on a strict need-to-know basis.

Only those individuals who need access to personal confidential data should have access to it, and they should only have access to the data items that they need to see. This may mean introducing access controls or splitting data flows where one data flow is used for several purposes.

5. Everyone with access to personal confidential data should be aware of their responsibilities.

Action should be taken to ensure that those handling personal confidential data – both clinical and non-clinical members of staff – are made fully aware of their responsibilities and obligations to respect patient confidentiality.

6. Comply with the law.

Every use of personal confidential data must be lawful. Someone in each organisation handling personal confidential data should be responsible for ensuring that the organisation complies with its legal requirements.

7. The duty to share information can be as important as the duty to protect patient confidentiality.

Health and social care professionals should have the confidence to share information in the best interests of their patients within the framework set out by these principles. They should be supported by the policies of their employers, regulators, and professional bodies.

ANNEX B - Project Summary Guidance

Before you can complete the screening questions to assess whether a DPIA is required, you need to complete the project purpose.

The reason for the completion of the project purpose is to help you to be able to answer the screening questions.

Before you can adequately answer the screening questions you must have the following information:

  • Project outline
  • Stakeholder analysis
  • Environmental scan

Project Outline

Obtain or develop a project outline. During the early stages of a project, there is only limited documentation available, and there may be uncertainty about the project’s scope and the features of the intended system.

To ensure that you know what the project's aims and objectives are and to start thinking about what the potential impact of the project might be, make sure you get a copy of the project initiation documents, such as a project charter or terms of reference. If such documents are not available, consult with relevant members of staff, key stakeholders, members of the project steering committee, and obtain advice from the IG team (ig@hee.nhs.uk). A relatively short description of the project can be prepared if necessary, as a basis for subsequent analysis.

More information will be available if the activity is conducted at a later stage of the project, and the project outline should provide references to relevant documents, including descriptions of relevant technologies, predecessor systems and / or similar projects elsewhere.

Stakeholder Analysis

Stakeholder analysis involves making a list of any groups or organisations who may have an interest in, a role to play in delivering, or be affected by the project. This could include:

  • the organisation conducting the project
  • other organisations directly involved in the project
  • organisations and individuals that are intended to benefit from it
  • organisations and individuals that may be affected by it
  • organisations that provide technology and services to enable it

At this stage, you should highlight as many groups as possible with a very brief description of the stake each group might have in the project; any analysis of stakeholders should be brief, ideally a one-page summary. This list can be reviewed and edited down later for more focused consultation.

Environmental Scan

It is valuable to identify similar projects conducted elsewhere in the organisation. This will allow teams to learn from others' mistakes, recognise solutions and mitigating actions, and consider partner working practices if they are fit for purpose. Where new technology is being used, or the project applies existing technology in new ways, it is likely to assist the evaluation if descriptions of the technology and its applications are gathered.

ANNEX C – Example Projects Requiring Screening Questions

Below are examples of a range of different projects for which screening questions should be completed. This list is not exhaustive; should you be unsure as to whether your programme, project, process or system requires the completion of the screening questions, contact the IG team (ig@hee.nhs.uk) for advice.

  • Replacement of an existing personal data system by new packaged software, with consequential changes to business processes and perhaps data storage.
  • Design and development of a new personal data system that will only contain data about people who have given their consent.
  • Enhancements to an existing system to collect, store and use several additional items of personal data.
  • A proposal to collect items of personal data from a new source, e.g. to reduce the costs incurred by the organisation or the inconvenience to the individuals concerned, or to enable cross-checking against data provided by the data subject.
  • A proposal to share personal and / or special category information with another organisation.
  • Revisions to instructions for members of staff relating to the disclosure of personal data.
  • Adaptations to an existing system to reflect new legislation, codes or industry standards.
  • The drafting of legislative amendments authorising the collection, use or disclosure of personal data (particularly where a specific project authorised by the amended legislation will be subject to a DPIA).
  • The application of a new technology to an existing purpose (e.g., replacement of bar-code or magnetic-stripe technology with a contact-based chip containing the same data).
  • Drafting of new procedures for customer authentication, e.g., to reflect new knowledge about ‘identity theft’ or respond to media coverage of it.
  • The re-design of web-forms for capture of personal data from customers, including the explanations provided, and the circumstances in which data-items are declared to be mandatory or optional.
  • Plans to outsource business processes involving personal data, or the storage and processing of personal data.
  • The application of existing personal data to a new purpose.
  • Changes to retention policies relating to personal data.
  • Policy statements concerning the usage of employer-provided facilities by members of staff such as telephones, mobile phones, desktops, portables, and broadband and wireless ISP subscriptions.
  • Review of the means whereby customers / clients express their requests, consents and denials regarding the disclosure of their data from the records of a clinical professional.
  • The design of a pseudonymous scheme for customer survey data.
  • Amendments to the organisation’s privacy policy statement.