Case StudyRisk and Regulatory
The Medical Specialist Group
View all

The Medical Specialist Group

The Medical Speciality Group (MSG) is a Guernsey-based organisation providing secondary health care and services to islanders across a broad range of specialisms. In the provision of these medical services, the MSG processes a large volume of extremely sensitive personal data where adequate controls of data and processes are needed to protect the rights of their patients.

CBO Data Protection Health Check

CBO was commissioned to deliver a Data Protection Health Check to provide the MSG with an independent and detailed review of their current data protection framework. The Health Check was tailored to the MSG and was delivered utilising an industry best practice GDPR toolkit and data protection maturity model, alongside CBO’s practical data protection experience.

The areas of focus for the health check included;

• Policies and the supporting operational procedures

• Management of sensitive patient data

• Records retention (electronic and hard copy)

• Third-party data sharing and supplier management

Outcome

The CBO health check provided a detailed report confirming the MSG’s data protection compliance and identified tangible improvements that can be made to embed and improve data protection controls in the organisation. In addition, the report confirmed that following completion of the key recommendations, the MSG would have defined and repeatable controls across all core data protection areas.

Following the health check, CBO continued to support the MSG by completing a series of Data Protection Impact Assessments for its core processing activities and IT systems. This work supported the implementation of a dedicated Data Protection management system (DPOrganiser) within the MSG and allowed the organisation to further embed data protection in business as usual activities.

Jon Buckland, Chief Executive, MSG, said

“CBO provided independent advice and perspective to help the MSG review its Data Protection systems and clear guidance as to how we could improve. The implementation plan was developed collaboratively in a structured process which has meant we have been able to deliver changes at pace.”

Article by Ed Mason-Smith

More risk and regulatory articles

Case Study
CBO support Ravenscroft with Risk Management Framework

Context Ravenscroft engaged CBO’s assurance services to help them mature their Risk Management Framework (“RMF”) to ensure that it was fit for purpose to demonstrate effective risk management and risk oversight. Ravenscroft’s Chief Risk Officer (“CRO”) had a desire to mature the RMF, thereby documenting and evidencing how the elements of the RMF work together […]
Blog Post
Data Protection: Five years on from GDPR

Since GDPR and the Channel Islands data protection legislation were implemented 5 years ago, personal data has become increasingly valuable and its protection more critical than ever before. Getting it wrong can be costly – for your reputation and your pockets. We sat down with Ed Mason-Smith, data protection expert and director here at CBO, […]
Case Study
Operational Resilience project supports First Central Group to achieve regulatory compliance

Context In March 2021 the Financial Conduct Authority (FCA) issued its final rules requiring firms within the UK’s financial sector to ensure operational resilience. CBO supported First Central Group, a Guernsey-based UK motor insurance provider, to achieve and evidence compliance with the FCA’s rules. Approach CBO provided project management and business analysis resource to support […]
Case Study
Client data project helps financial services business meet regulatory requirements

CBO supported a locally-based independent fiduciary and fund administration business to deliver a project driven by regulatory requirements. After a period of sustained growth, the business identified the need to enhance the efficiency of its existing processes, policies and systems relating to client data management and reporting capabilities. Identifying an opportunity, the client engaged CBO […]
Case Study
The Medical Specialist Group

The Medical Specialist Group The Medical Speciality Group (MSG) is a Guernsey-based organisation providing secondary health care and services to islanders across a broad range of specialisms. In the provision of these medical services, the MSG processes a large volume of extremely sensitive personal data where adequate controls of data and processes are needed to […]
Case Study
Data protection health check for Guernsey Mind

Guernsey Mind Guernsey Mind is an independent mental health charity, promoting positive mental health for the community by providing free mental health services as well as raising overall awareness. In the day-to-day running of the charity, Guernsey Mind processes and holds a wide range of personal data. The effective protection, security, and controls over of […]
Fancy a chat? Get in touch with CBO today to discuss how we can help
CBO Projects, The Albany, South Esplanade, St Peter Port, Guernsey GY1 1AQ
+44 (0)1481 729161 coffee@cboprojects.com
25, Pier Road, St Helier, Jersey, JE1 4HF
+44 (0)1534 486091 coffee@cboprojects.com