The organisation regards the integrity of its computer system as central to the success of the organisation. It contains information about patients, staff and the operations of the business and therefore must be kept secure. Its policy is to take any measures it considers necessary to ensure that all aspects of the system are fully protected. This policy aims to comply with the requirements of both the General Data Protection Regulation (GDPR) and the Data Protection Act (DPA) 2018.
