You are aware of your compliance requirements. You have set up your data handling contract. But how sure are you that your systems and processes are meeting the spirit of your agreements as far as privacy is concerned?
The news is littered with embarrassing stories of organisations that have followed the letter of the law with regard to privacy but have missed the spirit, alienated key stakeholders and seriously jeopardised expensive projects.
Privacy law is not yet developed enough to provide a good practical guide. In order to ensure that your various stakeholders (regulators, patients, staff, clients) are on board, you will need to do more than just what is required by law to engender trust and confidence.
We can also assist you from a privacy perspective with your application to the National Information Governance Board (NIGB) Ethics & Confidentiality Committee (ECC) for approval to access patient data under section 251.