Published 22nd May 2018
Inspire is fully committed to complying with the GDPR, which comes into effect on 25 May 2018.
Inspire has initiated a detailed programme of work and has put in place an Information Governance Framework underpinned by a suite of policies that will comply with the new law. These comprise a Privacy Statement; an Information Rights Policy; an Information Security Policy and an Information Compliance Policy.
We are maintaining an Information Asset Register which records types of personal data Inspire is processing and other supporting information. Training for all staff is being provided.
A new Data Protection Impact Assessment (DPIA) procedure to underpin “Privacy by Design (and Default)” is in place. DPIAs are being undertaken where relevant to ensure that appropriate technical and organisational security measures are put in place where high risk data processing is being undertaken.