IMPORTANT: You appear to be using a very old browser! This site will not display as intended.
This site is optimised for Internet Explorer 8 and above.

Data Protection Policy

The data protection policy can also be downloaded here as a PDF file.

1. Introduction and Purpose

2. Policy Context – the Data Protection Act 1998 (to be superseded by the General Data Protection Regulation in May 2018) and its relevance

3. Scope and Application of the Policy

4. Policy Statement

It is CHS policy that the processing of personal data by, or on behalf of, CHS or any of its customers – whether as a Data Controller (joint or in common) or as a Data Processor – shall be in accordance with the requirements, as currently understood, of the Data Protection Act 1998 (to be superseded by the General Data Protection Regulation in May 2018) and the current version of the NHS Confidentiality Code of Practice.

5. Assurance of Data Protection by CHS

5.1 Data Protection Framework

5.2 Data Protection Assurance

CHS will, through appropriate management, ensure the following actions to assure its compliance with the Data Protection Act (to be superseded by the General Data Protection Regulation in May 2018):

5.3 Policy Monitoring Arrangements

This policy will be monitored and will be subject to a regular review, which will take place within 6 months from the original date of issue of this policy and at 12-monthly intervals thereafter.