Data Protection Policy
1. Purpose of the policy
1.1 The International Academy of Pathologists (IAP) is committed to complying with privacy and data protection laws including:
(a) the General Data Protection Regulation (“the GDPR”) and any related legislation which applies in the UK, including, without limitation, any legislation derived from the Data Protection Bill 2017;
(b) the Privacy and Electronic Communications Regulations (2003) and any successor or related legislation, including without limitation, E-Privacy Regulation 2017/0003; and
(c) all other applicable laws and regulations relating to the processing of personal data and privacy, including statutory instruments and, where applicable, the guidance and codes of practice issued by the Information Commissioner’s Office (“ICO”) or any other supervisory authority (together “the Legislation”)
1.2 This policy sets out what we do to protect individuals’ personal data.
1.3 Anyone who handles personal data in any way on behalf of the IAP must ensure that we comply with this policy.
Section 3 of this policy describes what comes within the definition of “personal data”. Any breach of this policy will be taken seriously and may result in disciplinary action or more serious sanctions.
1.4 This policy may be amended from time to time to reflect any changes in legislation, regulatory guidance or internal policy decisions.
Click on the links below for other sections of the IAP Data Protection Policy:
3. Definitions of data protection terms
5. Processing data fairly and lawfully
6. Processing data for the original purpose
7. Personal data should be adequate and accurate
8. Not retaining data longer than necessary
9. Rights of individuals under the GDPR
11. Transferring Data Outside the EEA
12. Processing sensitive personal data
14. Monitoring and review of the policy