Protection of personally identifiable information

The General Data Protection (GDPR) and UK Data Protection Act 2018 came in to force in
2018 and have had significant impact upon the way that personal data is managed; placing legal requirements upon data processors and controllers to manage that information securely, maintain records of the processing that is carried out, and report when breaches of the regulation do occur.

This has impacted the way many businesses operate, and is not restricted to the healthcare sector.

At TDL, these requirements have been implemented within the context of a mature
ISO 27001 Information Security Management System – the globally accepted standard by
which information is secured.

This ensures that senior management have regular visibility of the threats to the confidentiality, availability and integrity of the information that we process, and are able to steer the efforts of their teams to provide an efficient service that places the confidentiality of our customers and their patients at the heart of everything we do.

In order to support our customers compliance with the regulation and as a part of a wider GDPR compliance project TDL has updated its standard terms and conditions to include revised data processing clauses, which are mandatory when providing personal data to another organisation.

Customers can find out more about how TDL protects their data by reading the TDL Privacy
Notice at www.tdlpathology.com/about-us/corporate-information/tdl-group-privacy-notice.