Data laws are changing

The existing Data Protection Act is replaced with a new set of regulations known simply as GDPR (General Data Protection Regulation) on 25 May 2018.

NHSGGC has a legal requirement to comply with this regulation and work is well advanced to make the necessary changes to our policies and procedures.

Isobel Brown, head of information governance, and her team have cut through the complex legislation to create easy-to-use fact sheets for staff and have been hosting roadshows across our sites to help inform what this new regulation means to each of us, allowing us to make the necessary changes within our own departments where necessary.

It is vital we all know what we should store and what we shouldn’t – and, importantly, how we register and record what information we have and how it is shared.

GDPR requires us to hold a register of all information assets held across our Board. It allows us to understand what information we hold and who has access to it. All departments should now be well advanced in the process of registering all information assets held within their department onto the Board’s Information Asset Register.

Thank you for your continued assistance with this crucial element of GDPR. The completion of the work will allow the Board to demonstrate its compliance with this important requirement.

More information on the Information Asset Register, along with the forms and guidance, can be found on StaffNet > Corporate Services > eHealth > Information Governance > Information Asset Register

For information on the roadshow schedule and the factsheets, visit: StaffNet > Corporate Services > eHealth > Information Governance > GDPR or contact: [email protected] or tel: 0141 278 4774 for further information.

For further information, please contact [email protected] or tel: 0141 355 2059.