Common use of Information Sharing and Data Protection protocols Clause in Contracts

Information Sharing and Data Protection protocols. 14.1 Member CCGs shall all comply with the Data Protection Act (“DPA”) and any other statutory regulations relating to information sharing and data protection. 14.2 Member CCGs will enter into a Data Sharing Agreement (“DSA”) that governs the processing of information and data pursuant to this Agreement. The DSA shall: 14.2.1 Identify the information that may be processed; 14.2.2 Identify the purposes for which the information may be processed and state the legal basis for the processing in each case; 14.2.3 Confirm the Data Controller and, if appropriate, the Data Processor of any personal data, although it is not expected that personal data will be processed by the Joint Committee or any of its sub-groups; 14.2.4 Set out what will happen to the data on the termination of this Agreement; 14.2.5 Explain how Member CCGs shall deal with subject access requests and other requests made under the DPA; and 14.2.6 Set out such other provisions as are necessary for the sharing of information to be fair and lawful. 14.3 Member CCGs will share all non-Personal Data in accordance with Information Law and their statutory powers as set out in section 14Z23 of the Act. 14.4 Member CCGs agree that, in relation to information sharing and the processing of information for the purposes of the Joint Functions, they must comply with: 14.4.1 All relevant Information Law requirements including the common law duty of confidence and other legal obligations in relation to information sharing including those set out in the NHS Act 2006 and the Human Rights Act 1998;

Information Sharing and Data Protection protocols. 14.1 14.1. Member CCGs and any third party contracted by the CCGs to act as their agent, shall all comply with General Data Protection Regulations (“GDPR”) and the Data Protection Act (“DPA”) and any other statutory regulations relating to information sharing and data protection. 14.2 14.2. Where required, Member CCGs will enter into a Data Sharing Agreement (“DSA”) that governs the processing of information and data pursuant to this Agreement. The DSA shall: 14.2.1 14.2.1. Identify the information that may be processed; 14.2.2 14.2.2. Identify the purposes for which the information may be processed and state the legal basis for the processing in each case; 14.2.3 14.2.3. Confirm the Data Controller and, if appropriate, the Data Processor of any personal data, although it is not expected that personal data will be processed by the Joint Committee or any of its sub-groups; 14.2.4 14.2.4. Set out what will happen to the data on the termination of this Agreement; 14.2.5 14.2.5. Explain how Member CCGs shall deal with subject access requests and other requests made under the DPA; and 14.2.6 14.2.6. Set out such other provisions as are necessary for the sharing of information to be fair and lawful. 14.3 14.3. Member CCGs will share all non-Personal Data personal data in accordance with Information Law and their statutory powers as set out in section 14Z23 of the Act. 14.4 14.4. Member CCGs agree that, in relation to information sharing and the processing of information for the purposes of the Joint Functions, they must comply with: 14.4.1 14.4.1. All relevant Information Law requirements including the common law duty of confidence and other legal obligations in relation to information sharing including those set out in the NHS Act 2006 and the Human Rights Act 1998;