We are currently undertaking a GDPR readiness project across the business and part of that includes reviewing our current policies and procedures with a view to identify any gaps in GDPR compliance; and we will be taking steps to fill any gaps before the effective date of 25th May 2018.
We are also reviewing our contracts with all 3rd parties with whom we share data. Once this exercise is complete we can share any changes required to bring contracts in line with GDPR.
We will also, as part of this project and as part of our ISO 27001 certification, be reviewing and formalising our data retention policy.
We expect to be in a position to provide further updates (on our website) regarding our state of readiness in the New Year and we are working to ensure that we will be GDPR compliant by the effective date, 25 May 2018. Please check our website for further updates.
If you have any additional questions please email us at GDPR@westfieldhealth.com