How we protect your personal data
We are committed to protecting your privacy and will only process personal data in accordance with the General Data Protection Regulation (GDPR), the Data Protection Act 2018, the Common Law Duty of Confidentiality and the Human Rights Act 1998.
All information is subject to rigorous measures and procedures to make sure it cannot be seen, accessed or disclosed to any inappropriate persons. We have an Information Governance Framework that explains the data security governance within the CCG.
Access to electronic data is password protected on secure network and / or online systems and paper documentation is filed securely in lockable storage cabinets.
Our IT Services provider, Greater Manchester Shared Services, regularly monitor our system for potential vulnerabilities and attacks and look to always ensure security is strengthened.
Everyone working for the NHS has a legal duty to keep information about you confidential and comply with the common law duty of confidentiality and other NHS guidance.
All of our staff including contractors and committee members receive appropriate and on-going training data security training to ensure they are aware of their personal responsibilities and have contractual obligations to uphold confidentiality, enforceable through disciplinary procedures.
We have incident reporting and management processes in place for reporting any data breaches or incidents. We learn from such events to help prevent further issues and inform data subjects of breaches when required.