Under GDPR, it is the responsibility of our Trust, not just to be compliant with the law, but to be able to actively demonstrate this compliance. One of the key ways of demonstrating compliance with Data Protection by Design is through the use of DPIAs.
What is a DPIA?
A DPIA is a screening tool which is designed to help organisations systematically analyse, identify and minimise the data protection risks of a project or plan. It allows issues to be recognised as early as possible and addressed appropriately, which in turn shows that data protection has been considered throughout the development of any new or changes to existing activities.
The list below shows DPIA’s which have been undertaken and approved by the Trust:
|Proposal Number||Proposal Name||Summary of Proposal||Using Person Identifiable Data||Using Special Category Data||PIA Completed||Is the Supplier Trust or External?||Supplier Checks Completed||Outside EU||Purpose||Date Proposal Agreed|
|P101064||Data Load Software||Health Education England (HEE) provided tool to facilitate and support the transfer of information into the Trust Electronic Staff Record (ESR) system.||Yes||No||Yes||External||Yes||No||Contract/Obligation||27/06/2018|
|P101071||My Kit Check||Electronic system to replace paper checklists used to log resuscitation trolley checks, order stock and monitor expiry dates.||No||No||Yes||External||Yes||No||Direct Care||26/06/2018|