The European Union General Data Protection Regulations (GDPR) which was adopted by the European Union in 2016 came into force on 25th May 2018. The Government is introducing a UK Data Protection Bill (currently in draft) which incorporates and supplements the GDPR to create a UK data protection regime post Brexit.
To comply with the law, staff that process personal information must ensure they follow Data Protection Principles. The obligation to keep information confidential arises out of the common law duty of confidentiality, professional obligations and staff/third party contracts. All staff with access to confidential personal information must keep that information safe and secure.
Purpose and Scope
This document sets out Tide End Clinic’s commitment to the confidentiality of personal information and its responsibilities with regard to the disclosure of such information.
It aims to ensure that all staff whether directly employed or self- employed within the Clinic are aware of their responsibilities towards the confidentiality of personal information.