System
Log In

Get Ready for GDPR!

On 25th May 2018, a new EU Regulation comes into force which will affect all organisations that collect or process personal data - the GDPR. Many of our clients have been asking about how this affects their use of SARD systems. Most Data Controllers, such as the NHS Trusts with which we primarily work, will be well aware of their increased responsibilities, but for some it’s still a mystery. So what is the GDPR?

The General Data Protection Regulation (GDPR) is the result of four years of work by the EU to bring data protection legislation into line with new, previously unforeseen ways that data is now used.

Currently, the UK relies on the Data Protection Act 1998, which was enacted following the 1995 EU Data Protection Directive, but this will be superseded by the new legislation. It introduces tougher fines for non-compliance and breaches, and gives people more say over what companies can do with their data. It also makes data protection rules more or less identical throughout the EU. While this sounds scary, it is actually much more fit for purpose in a digital world, focusing on data flows and data sharing and the modern ways in which information is used. And yes, even if and when the UK leaves the EU, the legislation will still apply. The legislation itself is wide ranging and complex, but at its heart GDPR focuses on six principles that must be applied to any collection or processing of personal data:

  1. Processed lawfully, fairly and in a transparent manner
  2. Collected for specified, explicit and legitimate purposes
  3. Adequate, relevant and limited to what is necessary.
  4. Accurate and, where necessary, kept up to date.
  5. Retained for only as long as necessary
  6. Processed in an appropriate manner to maintain security

As data processors, we at SARD are committed and duty bound to making sure that our systems help you to carry out these legal responsibilities on behalf of the medics, employees or any other data subjects whose information you need to collect. SARD has always used robust organisational and technical measures to make sure that our software is secure and your data is kept confidential while maintaining our trademark agility and flexibility of service. We are always happy to respond to any Privacy Impact Assessments or queries that might come up as the new regulations are enforced across your organisation. As responsible Data Processors we are ensuring that we keep on top of all the new and existing requirements set out in the GDPR so you can be confident that your data is safe with us.

Further information on the GDPR from The Information Commissioner’s Office

Read all Articles
Sales: 0203 886 0349 Support: 020 8771 4153

Privacy

Company Info

Credits

Accreditation

Sales: 0203 886 0349 Support: 020 8771 4153

Privacy

Download a PDF of our privacy policy for your records.

SARD Customer Privacy Policy

SARD User Privacy Policy

SARD Customer Support Policy

SARD Company Data Protection Policy

Company Info

Registered Address:
SARD JV Limited
Unit 76
Innovation Centre
University Road
Canterbury
Kent
CT2 7FG

A joint venture with Oxleas NHS Foundation Trust.

Registered in England and Wales with company number 07916735.

VAT No. 131901840

Credits

Design by Simon Sharville.

Development and additional design by The Familiar Ltd.

Videos by End2End Productions.

Copyright © 2012 - 2024 SARD JV Limited.

Accreditation

SARD JV are ISO 27001 certified by the British Assessment Bureau. Certificate no. 213141.

Certificate no. 213141.