Spencer Private Hospitals

Spencer Private Hospitals

Spencer Private Hospitals is a respected private healthcare provider based in East Kent. As a wholly owned subsidiary of East Kent Hospitals University NHS Foundation Trust (EKHUFT), the hospital benefits from access to a wide range of NHS facilities, offering patients more than 200 private treatments and surgeries. Profits are reinvested back into the NHS to support wider public healthcare services. 

To support its commitment to high data protection standards, Spencer Private Hospitals engaged The DPO Centre for outsourced DPO services to strengthen internal compliance efforts and provide expert, ongoing guidance.

Key Challenges

• Managing complex RoPAs
• Handling special category data
• Submitting NHS DSPT

Solutions

The DPO Centre provided a designated Data Protection Officer (DPO) to work alongside Spencer Private Hospitals’ existing Information Governance team and internal DPO. As part of this support, the designated DPO helped update Spencer Private Hospitals’ Record of Processing Activities (RoPA) to reflect new processes that had been introduced during the COVID-19 pandemic. 

The outsourced DPO also sits on the hospital’s Information Governance Committee and attends monthly meetings, providing expert insights to support ongoing policy development and data protection governance. 

Outcome

Alex Aucutt-Ford, Head of Information, Quality and Resilience at Spencer Hospitals, said:

‘Our DPO from The DPO Centre has been excellent. They are happy to answer any questions we have and have been a great sounding board for our Information Governance team, which has supported all the great work the team does. By helping to provide a clear and prioritised plan of action, our DPO has ensured that we stay on track to meet our compliance goals.

Download case study PDF