General Data Protection Regulation (GDPR)

What is GDPR?

General Data Protection Regulation (GDPR) proposed by the European Commission will strengthen and unify data protection for individuals within the European Union, whilst addressing the export of personal data outside the EU.

The GDPR replaces the 1995 Data Protection Directive. Because GDPR is a regulation, not a directive, it does not require national governments to pass any enabling legislation and is directly binding and applicable.

Why do we need this information?

The NHS Act 2006 and Health and Social Care Act 2012 invests statutory functions on GP Practices to promote and provide the health service to improve quality of services, reduce inequalities, conduct research, review performance of services and deliver education & training.  To do this we will need to process your information in accordance with current data protection legislation to:

Protect your vital interests;

  • Pursue our legitimate interests as a provider of medical care, particularly where the individual is a child or vulnerable adult
  • Performs tasks in the public’s interests
  • deliver preventative medicine, medical diagnosis, medical research; and
  • Manage the health and social system and services.

Should require any further information on GDPR, this can be found on the Information Commissioner’s Office (ICO) website:

https://ico.org.uk/fororganisations/guidetothegeneraldataprotectionregulationgdpr/

Data Protection Officer:         Mr James Carroll

Email address:                             DPO.SUNCCG@NHS.NET