Data security protection policy

Document category: Trust wide policy

Document date: February 1, 2024

In order to provide high-quality care, operate effectively and be accountable to the public the Trust must hold and process personal and sensitive personal data about services users in both electronic and paper formats.

The chief executive, supported by the Caldicott Guardian and SIRO, is accountable for ensuring the Trust meets its legal obligations and corporate responsibilities to ensure personal data remains confidential and is only used and shared in accordance with the data protection principles.

The Trust is registered as a data controller with the ICO and its level of confidentiality and data protection assurance is monitored as part of the data security and protection toolkit.

The Trust’s data protection practices may also be subject to scrutiny by the ICO in the event of a consensual of compulsory audit.

Page last updated on: