At Gazmar Limited we are proud to provide high quality healthcare products and services to our customers.
Data Protection legislation is not new to us and we have been complying with the Data Protection Act since 1998. The GDPR raises the benchmark for data protection compliance and we will achieve these stringent new standards.
In August 2018 we recruited a Data Protection Officer and undertook a data protection audit and GDPR gap analysis. We put in place a project to ensure that we are compliant with the GDPR by launch. We have full support from the UK Board of Directors.
We have implemented both technical and organisational measures to prepare for the new legislation. Reviews have been undertaken of all our systems and applications and remedial action taken where necessary to keep personal data secure.
We are confident that we can demonstrate our accountability and compliance. Our Data Protection policies and procedures have been reviewed and updated to reflect the changes required under GDPR. We have reviewed and amended our third party contracts and data subject consents.
Article 30 of the GDPR requires specific records to be kept of data processor activities. We have data inventories across all of our business areas to map what personal data we hold on behalf of data subjects, where it comes from, who we share it with and what we do with it. This provides us with the foundation of our GDPR compliance.
We have always promoted a positive culture of data protection and compliance. This has been improved through awareness and GDPR training for all staff.
The GDPR requires us to notify any security incident or breach and we have a process in place to achieve this.
The GDPR improves data subjects’ rights. We have a process in place to respond to all data subject requests for access to their information.