The General Data Protection Regulation is coming and Healthwatch East Sussex is getting ready
At Healthwatch East Sussex, the protection of your personal data is very important to us.
We’re prepared to adhere to the General Data Protection Regulation (GDPR), which is due to take effect on May 25, 2018.
What is GDPR?
In 2016, the European Union (EU) approved a new privacy regulation called the General Data Protection Regulation, commonly known as the GDPR. It’s a mandatory ruling that applies to all companies that collect the data and information of EU individuals and meet certain territorial requirements. The GDPR is designed to strengthen the security and protection of personal data in the EU, as well as provide businesses with a structured framework on how to collect, process, use, and share personal data. Under the GDPR, the concept of “personal data” is very broad, and covers almost any information relating to a specific individual.
When are these regulations starting to be enforced?
All companies collecting or processing the personal data of EU individuals must be GDPR compliant by May 25, 2018.
Will Healthwatch East Sussex be compliant with the GDPR by May 25, 2018?
Yes. We will be compliant to the extent required on or before May 25, 2018 and will continue to comply on an on-going basis.
At Healthwatch East Sussex, we store the data we collect online with Amazon Web Services (AWS), which is based in the EU, via our data processor The Ekko Group Ltd (EKKO).
EKKO and AWS have announced that they will comply with the GDPR when it becomes enforceable on May 25, 2018.
How is Healthwatch East Sussex preparing for GDPR compliance?
We welcome the arrival of GDPR and view the regulations as raising the bar for data protection, security, and compliance. We are closely analysing the requirements of the GDPR and are working to make enhancements to our site, databases and internal documentation. We’re approaching this process with our staff and suppliers, to implement the necessary procedures and practices.
Where can I learn more about GDPR?
Additional information is available from the Information Commissioner's Office: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
Who should I contact?
If you have any additional questions about the GDPR, you are welcome to contact us by email at email@example.com or by telephone on 0333 101 4007.