The General Data Protection Regulation 2016 (GDPR) came into force on 25 May 2018 and it applies to Walsall Healthcare NHS Trust as Data Controller. The legislation will replace current data protection law, giving more rights to individuals and more obligations to organisations processing personal data.
As Data Controller, we determine the purpose and manner of processing personal data for both employees and patients. Where we are responsible for processing personal data on behalf of another data controller we act as a Data Processor.
The Trust has robust processes and systems to support compliance with the new laws, which includes keeping you informed about how your data is used.
The Trust's policy on the implementation of the GDPR can be found here.