According to an article in the Financial Times, the NHS has shared a wealth of data with several companies. Any organisation can apply for access to NHS patient data, but while some use it for planning and research purposes (e.g. local governments, public bodies, and universities), the Financial Times has discovered that it was also shared with 43 commercial businesses.
The Legal State of Play
Under the General Data Protection Regulation (GDPR), your data can only be processed for “specified, explicit and legitimate” purposes. It also must be kept accurate, up-to-date, and safe. You must also provide your consent for how it can be used. Although companies collecting your data must undertake a DPIA (Data Protection Impact Assessment) as to how that data is used and processed, in the main our investigations show that is not happening.
By using your data in ways that contravene the GDPR, certain third parties are breaking the law – and we are holding them to account.
CONTACT US TO FIND OUT HOW WE ARE HELPING PAYERS GET COMPENSATION FOR THE ILLEGAL USE OF THEIR SPORTS DATA.