General Data Protection Regulation - GDPR

The General Data Protection Regulation (GDPR) came into effect in the UK on 25 May 2018.  It, coupled with a new UK Data Protection Act (DPA 2018) replaced the existing data protection law.  

Data Protection Team

Data Protection Officer
  • Health of Information Governance and Data Protection Officer
    NHS Informatics Merseyside
    Information Governance Team
    Holliins Park
    Cheshire WA2 8WA
Data Controllers   
  • Dr Deepak Gupta
  • Dr Stephen Donald 
  • Dr Sujeeth Mangarai
Caldicott Guardian 
  • Cathy Hogan (Practice Manager)


The EU GDPR is designed to harmonise data privacy laws across Europe.  It aims to protect all EU citizens from privacy and data breaches.  It replaces the Data Protection Act (DPA) which dates back to the 1990s when organisations held less data on individuals.

Please click on the links below to access more information about what information we hold on you, how we manage it, who we share it with and how we protect it.  If you want to  know more then please do contact our Practice Manager, Cathy Hogan by phone on 0151 317 8562 or by email.

This is our Certificate of Registration with the Information Commissioner’s Office (ICO)

More information is available on the ICO website about your rights.

You can download the following documents, or seek a printed copy at the practice by asking one of our reception team.  If you require this information in a different format please speak with our Practice Manager, Cathy Hogan.