The Data Protection Act 1998 (DPA) requires a clear direction on policy for security of information within the practice and provides individuals with a right of access to a copy of information held about them.
The practice needs to collect personal information about people with whom it deals in order to carry out its business and provide its services. Such people include patients, employees (present, past and prospective), suppliers and other business contacts. The information we hold will include personal, sensitive and corporate information. In addition, we may occasionally be required to collect and use certain types of such personal information to comply with the requirements of the law. No matter how it is collected, recorded and used (e.g. on a computer or on paper) this personal information must be dealt with properly to ensure compliance with the Data Protection Act 1998 and the General Data Protection Regulations 2018.
The lawful and proper treatment of personal information by the practice is extremely important to the success of our business and in order to maintain the confidence of our service users and employees. We ensure that the practice treats personal information lawfully and correctly.
This policy provides direction on security against unauthorised access, unlawful processing, and loss or destruction of personal information.
Click here to download our full Data Protection Policy Document >>