On this page

GDPR

On this page

We are proud to provide high quality healthcare services to our customers. Data Protection legislation is not new to us, and we have been complying with the Data Protection Act since 1998. The GDPR raises the benchmark for data protection compliance, and we continually strive to achieve these stringent standards.

We have implemented both technical and organisational measures to ensure we are compliant with legislation. We regularly review all our systems and applications, and remedial action is taken where necessary to keep personal data secure.

We are confident that we can demonstrate our accountability and compliance. Our Data Protection policies and procedures are periodically reviewed and updated to ensure we are up to date and compliant to the GDPR. Third party contracts have been reviewed to ensure they are in line with Brexit and the changes affecting data processing.

Article 30 of the GDPR requires specific records to be kept of data processor activities. We have data inventories across all of our business areas to map what personal data we hold on behalf of data subjects, where it comes from, who we share it with and what we do with it. This provides us with the foundation of our GDPR compliance.

We promote a positive culture of data protection and compliance through awareness and training for all staff.

If you have any questions about GDPR, please contact our Data Protection Officer data.protection@mckesson.uk.

Please click here for a link to the website of the Information Commissioners Office (ICO). The ICO is the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.