Data Protection Impact Assessments are an integral part of taking a “privacy by design” approach. Data Protection Impact Assessments are a tool that The Christie NHS Foundation Trust use to identify and reduce the privacy risks of projects.

Projects could include:

  • Introduction of a new paper or electronic information system for storing and accessing personal data
  • Update or revision of a key system that might alter the way in which the organisation uses, monitors and reports personal data
  • Changes to an existing system where additional personal data will be collected
  • Proposal to collect personal data from a new source or for a new activity
  • Using existing data for a new and unexpected purpose
  • Plans to outsource business processes involving storing and processing personal data
  • Plans to transfer services from one provider to another that include the transfer of information or information systems
  • Changes to or introduction of new information sharing agreements
  • A new surveillance system

A Data Protection Impact Assessment can reduce the risks of harm to individuals through the misuse of their personal information. It can also help us to design more efficient and effective processes for handling personal data.

Below is a list of Data Protection Impact Assessments from the last 12 months that the Trust has undertaken to ensure continued consideration is given to the privacy of its patients and staff:

  • DPIA42 CRF Manager
  • DPIA43  DrDoctor
  • DPIA48  Roche EY OBC
  • DPIA49  Cimar
  • DPIA50  Microguide App
  • DPIA52  GP Co-morbidity and Medicines to inform cancer outcomes and care
  • DPIA53  Online Consent Form
  • DPIA55  SPIS CWP Form Development
  • DPIA57  ICU Medical Pumps-iQemo
  • DPIA59  Gynae MDT
  • DPIA60  The Ella Project
  • DPIA62  PET core lab – MIMcloud
  • DPIA64  NHSMail
  • DPIA67  PROACT (review of PIA completed by Astra Zeneca)
  • DPIA69  NextCloud Security
  • DPIA71  Prostate cancer data as an external validation set
  • DPIA73  Stage II Endometrial cancer outcomes
  • DPIA74  Stockport Health Care Record
  • DPIA75  Q-Pulse
  • DPIA79  Q-Pulse Biobank
  • DPIA82  Spine Mini Services Capability
  • DPIA84  Splunk
  • DPIA85  Christie @ Tameside
  • DPIA87  Teamwork
  • DPIA88  Totara Learning Management System
  • DPIA95  National Lung RTDB
  • DPIA99  RECAP Study (Covid-19)
  • If you would like any further information in relation to the Data Protection Impact Assessments undertaken by the Trust, please contact the-christie.information.governance@nhs.net