On 25 May 2018 the general data protection regulation (GDPR) came into force across all the member states of the European Union.

Along with the Data Protection Act 2018, the legislation sets out the obligations on how the HSCP uses personal information.

To provide services and carry out our statutory duties, the HSCP must gather personal information about service users, employees and other individuals. This personal information, however it is acquired and used, must be done so lawfully, fairly and transparently.

GDPR strengthens the obligations and accountability on organisations, like the HSCP, NHSGGC and EDC, to handle personal data in a transparent and secure manner. The overall purpose of the regulation is to increase the rights individuals have over how organisations manage the personal information they hold about them. It also strengthens the obligations and accountability for organisations to handle personal data in a transparent and secure manner.

You can find out more information by following the links below:

Data Protection & Privacy - NHSGGC

Privacy Statement and Data Protection