Data Protection Compliance

Connor Dash made this Freedom of Information request to Independent Medical Expert Group Automatic anti-spam measures are in place for this older request. Please let us know if a further response is expected or if you are having trouble responding.

Response to this request is long overdue. By law, under all circumstances, Independent Medical Expert Group should have responded by now (details). You can complain by requesting an internal review.

Dear Independent Medical Expert Group,

1. Does your organisation use any applications or software to record Record of Processing Activity (ROPA)?

If so, please state the product name(s) and version numbers(s) (if known)

2. Does your organisation use any applications or software to support preparation for, or maintenance of ISO 27001 and/or ISO 27701 compliance?

If so, please state the product name(s) and version numbers(s) (if known)

3. Does your organisation use any applications or software associated with data breach management?

4. Does your organisation use any applications or software associated with Freedom of Information management?

If so, please state the product name(s) and version numbers(s) (if known)

5. Does your organisation use any applications or software for Policy Management?

If so, please state the product name(s) and version numbers(s) (if known)

6. Does your organisation use any eLearning for Data Protection and Security Awareness?

If so, please state the product name(s) and version numbers(s) (if known)

7. Has your organisation reviewed / explored the market regarding the provision of technology which supports the delivery of Information Governance functions?

If yes - please specify what actions have been taken?

If no - does your organisation have any plans to review / explore this market in the next 3 years?

8. Has your organisation allocated budget / financial resources regarding the commissioning / procurement of technology which supports the delivery of Information Governance functions?

If yes - please specify what actions have been taken?

If no - does your organisation have any plans to allocate budget / financial resources in the next 3 years?

9. Has your organisation developed a business case (outline or otherwise) regarding the commissioning / procurement of technology which supports the delivery of Information Governance functions?

If yes - please specify what actions have been taken?

If no - does your organisation have any plans to develop a business case in the next 3 years?

10. Will there be any opportunities to engage with your organisation regarding the commissioning / procurement of technology which supports the delivery of Information Governance function in the next three years?

Yours faithfully,

Connor Dash

ukstratcomdd-secretariatgpmbx@mod.gov.uk, Independent Medical Expert Group

Dear Mr Dash,

Your request has been logged under our reference FOI2023/11012 and the
target date for response is 6 October 2023.

Yours sincerely

Defence Digital Secretariat

CIO-FOI (MULTIUSER), Independent Medical Expert Group

1 Attachment

Dear Mr Dash,

Please see attached response to your requests for information

Regards

Information Rights Team

Ministry of Defence