The Data Protection Act 2018 and the UK GDPR, which implements EU GDPR regulations in the UK, makes provision about the lawful processing of personal data. Individuals are protected with regard to the processing of their personal data, in particular by requiring “personal data to be processed lawfully and fairly, on the basis of the data subject’s consent or another specified basis”. The UK GDPR further defines data controllers and data processors and their differing roles and responsibilities.
BAPEN stores personal data from surveys, membership applications, conference and meeting attendance, and medical research. BAPEN does not have its own administrative staff or offices but sub-contracts to Medivents Ltd who hold conference and membership data on behalf of BAPEN. BAPEN comprises various committees, core groups and special interest groups, all of which conduct surveys and research which involve the use of some personal data. BAPEN is registered with the Charity Commission and the Information Commissioner’s Office and is regulated by these institutions. In November 2024, the BAPEN Trustees created a Data Governance Group to ensure that BAPEN is compliant with GDPR legislation and assess any risks the organisation could face in future.
If you have any questions or queries about personal data or data sets you may hold on behalf of BAPEN please contact the Office bapen@bapen.org.uk
Committee Members
- Sarah McIntyre (Trustee)
- Emily Walters (MAG)
- Shameer Mehta (MAG)
- Emma Parsons (Education Officer)
- Sarah-Jane Nelson (IFR)
