The client
Spencer Hospitals is a private healthcare provider based in East Kent, operating facilities in Margate, Ashford, and Canterbury. As a wholly owned subsidiary of the East Kent Hospitals University NHS Foundation Trust, Spencer Hospitals offer over 200 private treatments and surgeries across various specialties, including cardiology, orthopaedics, dermatology, and urology. With a reputation for excellent clinical care and access to expert consultants, Spencer Hospitals provides a safe and supportive environment for patients seeking private medical services.
What did they need?
Naturally, as a healthcare organisation, Spencer Hospitals processes large amounts of health data. Spencer Hospitals were looking for a pro-active service that would support the internal team and provide expert advice and guidance. Through our Outsourced Data Protection Officer (DPO) service, we have been able to support Spencer Hospitals in a range of different ways, such as:
- General data protection queries
- Review of privacy notices
- Guidance on accountability documentation
- Freedom of information (FOI) request support
- Attendance at committee meetings
How did we help?
Our approach with Spencer Private Hospitals, as is our approach for all organisations we support, is built on flexibility, expertise, and minimal disruption. We understand that each organisation has unique needs, which is why we offered tailored solutions designed to enhance their operations while maintaining continuity.
Our services include:
- Expert ad-hoc advice – We provide Spencer Hospitals with timely, professional advice on demand, supporting in making informed decisions on complex data protection issues.
- Offsite service delivery – To reduce disruption to day-to-day operations, we carry out our DPO services offsite, allowing Spencer Hospitals to focus on their core activities while still benefiting from our support.
- Independent Assurance – By attending and contributing at committee meetings, DPAS provides independent assurance on decision making.
- Documentation review and drafting – As the DPO we have provided review and drafting of various compliance documents. Allowing Spencer Hospitals to be confident in their documents efficacy, as well as ensuring demonstrable compliance.
The result
The collaboration has been a resounding success:
- Enhanced skills and knowledge – Following 1-2-1 sessions, Spencer Hospitals’s team are now better equipped with the practical skills and expertise needed to perform their roles more effectively and confidently.
- Improved compliance – The organisation’s compliance levels have strengthened, with assured alignment to industry standards and regulation, resulting in reduced risk and enhanced operational integrity.
- Strong client relationship – Our collaboration has developed into a trusted, ongoing partnership, clearly evidenced by consistent communication, positive feedback, and repeated bookings for our services.
- Reliable expertise – Due to the collaborative efforts, and the strong relationship DPAS and Spencer Hospitals have built, Spencer Hospitals can be confident that they can access support whenever they need it most.
- Pro-active approach – By upskilling the internal team, and providing regular proactive updates, advice, and resources, DPAS proactively supports Spencer Hospitals to continue to build resilience, and improve compliance.
What the client had to say
“ As a private healthcare provider, ensuring the highest standards of data protection and compliance with UK GDPR is not just a legal requirement, it’s a core responsibility to our patients, staff and third-parties here at SPH. Partnering with DPAS has been a game-changer for our organisation. From the outset, DPAS demonstrated a deep understanding of the healthcare sector’s unique data protection challenges and their outsourced DPO service provided expert, proactive guidance, helping us navigate complex regulatory obligations with confidence and ease.
I have great pleasure in recommending DPAS as an outsourced DPO service to any organisation looking for specialist support and assurance in their data protection responsibilities and look forward to continuing our partnership in the future.”
— Alex Aucutt-Ford, Head of Digital Transformation and Information Governance, Spencer Private Hospitals
