1. Self Service Portal
  2. Client System Login
  3. Frameworks
  4. Sphere
Close Icon
  1. Self Service Portal
  2. Client System Login
  3. Frameworks
  4. Sphere

Contact Preferences

Welcome to our contact preference centre

NHS Shared Business Services and the General Data Protection Regulation (GDPR)

The GDPR comes into effect in the UK on 25 May 2018.

What we are doing to prepare for the new data protection law

We are working to make sure that we are prepared for the changes. This includes ensuring that the personal data we manage for our NHS clients is always collected, managed, stored and shared (we won't do this without your permission) legally and safely.

The personal data of the staff and patients of our NHS customers, and our own staff and business will continue to be handled securely, in line with the regulations.

Implementing GDPR within NHS Shared Business Services

We are confident that we will be able to implement the GDPR successfully, building on our track record of data security and our compliance with the Data Protection Act 1998 (DPA).

We have established internal steering and working groups to implement the GDPR before it comes into effect. This group are be supported by guidance issued by the UK Information Commissioner's Office.

Impact on customers and stakeholders

Our systems and services will not be changing and we expect any impact will be small.

Impact on the public whose data we hold

Our duty to safeguard personal data has not changed and is our priority. The GDPR creates some new rights for individuals and it strengthens some of the rights that currently exist under the DPA. We will work to make sure that these rights are properly implemented, and any changes in the ways we collect, store or share your data are communicated appropriately.

Contact us

We are keen to be as transparent as possible. If you would like any further information on how we are responding to the changes introduced by the GDPR, please email our Information Governance team.

Contact the Information Commissioner's Office (ICO) if you have an enquiry about complying with the GDPR in your own organisation.

Share this page

Facebook icon Twitter icon Email icon

Print

Print icon