Data Protection Policy

1. Purpose of the policy

1.1 The International Academy of Pathologists (IAP) is committed to complying with privacy and data protection laws including:

(a) the General Data Protection Regulation (“the GDPR”) and any related legislation which applies in the UK, including, without limitation, any legislation derived from the Data Protection Bill 2017;

(b) the Privacy and Electronic Communications Regulations (2003) and any successor or related legislation, including without limitation, E-Privacy Regulation 2017/0003; and

(c) all other applicable laws and regulations relating to the processing of personal data and privacy, including statutory instruments and, where applicable, the guidance and codes of practice issued by the Information Commissioner’s Office (“ICO”) or any other supervisory authority (together “the Legislation”)

1.2 This policy sets out what we do to protect individuals’ personal data.

1.3 Anyone who handles personal data in any way on behalf of the IAP must ensure that we comply with this policy.

Section 3 of this policy describes what comes within the definition of “personal data”. Any breach of this policy will be taken seriously and may result in disciplinary action or more serious sanctions.

1.4 This policy may be amended from time to time to reflect any changes in legislation, regulatory guidance or internal policy decisions.