Data Protection Impact Assessments

Data Protection Impact Assessments are an integral part of taking a “privacy by design” approach. Data Protection Impact Assessments are a tool that The Christie NHS Foundation Trust use to identify and reduce the privacy risks of projects.

Projects could include:

  • Introduction of a new paper or electronic information system for storing and accessing personal data
  • Update or revision of a key system that might alter the way in which the organisation uses, monitors and reports personal data
  • Changes to an existing system where additional personal data will be collected
  • Proposal to collect personal data from a new source or for a new activity
  • Using existing data for a new and unexpected purpose
  • Plans to outsource business processes involving storing and processing personal data
  • Plans to transfer services from one provider to another that include the transfer of information or information systems
  • Changes to or introduction of new information sharing agreements
  • A new surveillance system

A Data Protection Impact Assessment can reduce the risks of harm to individuals through the misuse of their personal information. It can also help us to design more efficient and effective processes for handling personal data.

Below is a list of recent (last 12 months and updated every six months) Data Protection Impact Assessments that the Trust has undertaken to ensure continued consideration is given to the privacy of its patients and staff:

  • IQVIA Breast Cancer Pathway Project
  • Deliver Debiri
  • Clarity Toolkit
  • FMFirst
  • Nutricia Homeward Connections
  • uMotif
  • ClinSpark
  • Abbott Nutrition eRegistration

If you would like any further information in relation to the Data Protection Impact Assessments undertaken by the Trust, please contact information.governance@christie.nhs.uk