Data Protection Impact Assessments

In our role as a mental health trust, GMMH process personal confidential information and we take our duty to confidentiality very seriously.


Data Protection Impact Assessments (DPIAs) help organisations identify, assess and mitigate or minimise privacy risks with data processing activities. They’re particularly relevant when a new data processing process, system or technology is being introduced.

DPIAs also support the accountability principle, as they help organisations comply with the requirements of the General Data Protection Regulation (GDPR) and demonstrate that appropriate measures have been taken to ensure compliance with the law.

A DPIA is a proforma or risk assessment which asks questions about the process or new system based on data quality / data protection / information security and technology.


Further information on DPIAs can be found on the Information Commissioner’s website at

To request a copy of a specific DPIA, please submit a Freedom of Information request to

As a patient

As a service user, relative or carer using our services, sometimes you may need to turn to someone for help, advice, and support. 

Find resources for carers and service users  Contact the Trust