About usGet involvedHelp & supportContact us
Join Us
MyRCR Login
Specialties
Clinical radiology
Discover clinical radiologyWhat is the future of radiology?Thinking about a career in radiology?
Starting your radiology careerGMC registrationCESR registration
Developing your radiology careerPostgraduate certificate in medical educationBreast cliniciansMedical educator development
Radiology Boards & Committees
Clinical oncology
Discover clinical oncologyWhat is the future of clinical oncology?Thinking about a career in clinical oncology?
Developing your oncology careerMedical educator development
Starting your oncology careerCESR registrationGMC registration
Oncology Boards & Committees
Membership
How to become a memberEvidence to support your membership applicationUK trainee enrolment
Membership categories & feesFellowship without examinationDiscounts on membership
Admission of FellowsFellows ceremony FAQsCeremony venue information
Member benefitsSenior Fellows ForumMember magazine (Newsletter)
Membership FAQs
Exams & training
RCR exams
Clinical radiology examsDDMFR Part ADDMFR Part BFRCR Part 1 (Radiology) - CR1FRCR Part 2A (Radiology) - CR2AFRCR Part 2B (Radiology) - CR2BJoint Final Exams (Radiology)
Clinical oncology examsFRCR Part 1 (Oncology) - CO1FRCR Part 2A (Oncology) - CO2AFRCR Part 2B (Oncology) - CO2BJoint Final Exams (Oncology)
Exam help & resources
Exam regulations & policies
Specialty training
Enrolling with the College
Risr/advance
Training guidance for clinical radiology
Training guidance for clinical oncologyOut of Programme Activities (OOPE, OOPR and OOPT)
Regional Specialty Advisers
Quality assurance
Completing training (CCT)
Clinical radiology curriculumInterventional radiology curriculumImplementation toolsAssessmentRadiology e-learning
Clinical oncology curriculumAssessmentOncology e-learning
Medical Training Initiative (MTI)
Application process
Eligibility criteria
Guidance for UK supervisors
Guidance for potential MTI applicants
In-post guidance
Undergraduate clinical radiology
Undergraduate curriculum
Undergraduate Radiology Day
Join the Clinical Radiology Undergraduate Committee
The Undergraduate Radiology Societies Association (URSA)Apply to join URSA
Undergraduate clinical oncology
Undergraduate curriculum
Undergraduate Oncology Day
BONUS Society
CPD & events
All RCR eventsClinical radiology eventsClinical oncology eventsExternal eventsEvent guidance
Learning HubHow to use the Learning HubRadiology Events and Learning (REAL)
RadReachBecome a RadReach mentorBecome a RadReach menteeJoin the RadReach Steering Group
Advisory Appointment Committee (AAC)
CPD advice & supportCPD FAQsCPD user journal guide
Revalidation
Career development
Audit & Quality ImprovementAuditLive (Radiology)Audit Library (Oncology)
Understanding career stagesSchool studentsMedical studentsFoundation & core medical trainees
Being a traineeClinical radiology trainee resourcesClinical oncology trainee resources
Being a consultantWorking as a radiologist in the UKHuman factors
Professional networksSub-specialties & Special Interest Groups (SIGs)SAS Doctors Network
Medical careers & recruitmentSpecialty recruitmentClinical radiology ST3 recruitment and specialty training schemeGlobal recruitmentPreparing for interviews
Research & academiaAcademic radiology & researchAcademic oncology and research
Awards & honours
Services & resources
All our publicationsClinical radiology publicationsClinical oncology publicationsStandards publicationsJournals
Artificial intelligence (AI)Overcoming Barriers to AI Implementation in Imaging
iReferiRefer trainee scheme summary sheet
Management & service deliveryNational radiotherapy consent formsQuality Standard for Imaging (QSI)Service reviewUsing & understanding cancer dataPostoperative radiotherapy for breast cancer: UK consensus statementsStructured Reporting For Cancer StagingRadiotherapy planningDeveloping a business case for recruitment of CO traineesClinical Imaging Board
News
All our latest updatesNewsBlogsPress releasesStatementsExam updates
Media centre
Policy reports & initiativesClinical radiology census reportsClinical oncology census reportsState of the waitThe SACT capacity crisis in the NHSImproving PIR services in the UKThe All-Party Parliamentary Group for Diagnostics

Member benefits

View

Data protection policy and procedures

LEARN MORE

In order to conduct its business, The Royal College of Radiologists (RCR) processes personal data about living individuals. These are current and prospective individuals who come in to contact with the RCR and with whom it communicates and conducts business.

The RCR has an obligation to ensure that it handles personal data lawfully and correctly adhering to the key principles of the General Data Protection Regulation as set out below:

Principle (a) – lawfulness, fairness and transparency       

Principle (b) – purpose limitation

Principle (c) – data minimisation       

Principle (d) – accuracy        

Principle (e) – storage limitation        

Principle (f) – integrity and confidentiality    

Accountability principle

Your consent

By transacting with The Royal College of Radiologists you are giving consent for your personal data being collected, used and transferred in accordance with the College’s ICO registration and this policy. It is your responsibility to ensure that the College is able to keep your personal data accurate and up-to-date. 

When trainees and examination candidates register with the College they accept that details of their training and examination records may be passed to their trainers, educational supervisors and Deanery/Local Educational Training Board (LETB).                                                                                

Application of the General Data Protection Regulation

The General Data Protection Regulation applies to the processing of personal data by data controllers

What is personal data?

Personal data only includes information relating to natural persons who:

  • can be identified or who are identifiable, directly from the information in question; or
  • who can be indirectly identified from that information in combination with other information.

Types of 'personal data' processed by the RCR include names, addresses, email addresses, date of birth, identification number; location data; and an online identifier.

Special categories data 

Special category data is personal data which the GDPR says is more sensitive, and so needs more protection.

Special categories data as defined by the GDPR means personal data consisting of information as to -

(a) race;

(b) ethnic origin;

(c) politics;

(d) religion;

(e) trade union membership;

(f) genetics;

(g) biometrics (where used for ID purposes);

(h) health;

(i) sex life; or

(j) sexual orientation.

What is processing?

‘Processing’ in relation to information or data means the obtaining, recording, or holding of personal data.

The RCR processes personal data in order to -

  • record and update details about the members of the College

  • record and update details about those who are associated, affiliated or work with the College

  • fulfil its duties in respect of training and examining in its specialties

  • create and maintain records for the purpose of providingprofessional development activities

  • undertake surveys, censuses and questionnaires to fulfil its objects and purposes

  • undertake research, audit and quality improvement work to fulfil its objects and purposes

  • produce, review and update standards, guidelines and guidance to fulfil its objects and purposes

  • carry out College Council, board and committee administration

  • fulfil its role in respect of NHS Advisory Appointments Committees

  • fulfil its duties as an employer

  • monitor its activities including the equality and diversity of its activities

  • fulfil its duties in operating premises including security

  • assist regulatory and law enforcement agencies

Where appropriate and governed by necessary safeguards we will carry out the above processing jointly with other appropriate bodies from time to time.

What is a data controller?

A 'data controller' is the body that is responsible for complying with the Data Protection Act within the United Kingdom. The RCR for this purpose under the General Data Protection Regulation is the Data Controller in respect of RCR personal data processing.

The Royal College of Radiologists’ Information Commissioner’s Office (ICO) listing on the Data Protection public register can be viewed at https://ico.org.uk/ by inputting the College’s registration number Z6099298.

Who is responsible for protecting my personal data?

The trustees of the RCR as a charity registered with the Charity Commission (the trustees are the elected and appointed Officers and the elected members of Council of the RCR) have ultimate responsibility for ensuring compliance with the General Data Protection Regulation for the RCR. Council has delegated this responsibility day to day to the RCR Chief Executive.

The Data Protection Officer is responsible for compliance by the RCR with the General Data Protection Regulation and this policy and the handling of any Subject Access Requests made to the RCR.  The Data Protection Officer can be contacted on 020 7406 5951 or via email at

Subject Access Request

Under the General Data Protection Regulation, any living person, who is the subject of personal data processed by the RCR, has a right to apply for access to that data.  This is known as a Subject Access Request.

Subject access requests provide a right to see the information contained in personal data, rather than a right to see the documents that include that information.

This right applies to all organised data sources. Fellows and members also have the right to be informed on how to keep their personal data up to date.

Subject access requests should be made in writing by email to   or to Data Protection Officer, The Royal College of Radiologists, 63 Lincoln’s Inn Fields, London, WC2A 3JW.  The Data Protection Officer will send an acknowledgement confirming receipt of the request.

The College will respond to a subject access request promptly and in any event within 30 calendar days, or as detailed below if the request relates to examinations, of receiving it, in line with the General Data Protection Regulation.

Examinations

Examination marks

Under paragraph 8, Schedule 7 of the GDPR the time limit for the period in which a subject access request has to be dealt with is extended to the earlier of:

  1. the end of five months from the date of the request; or

  2. the end of 30 days from the date of the announcement of the results

Examination scripts

Under Schedule 7, paragraph 9 it is provided that anything recorded by candidates is exempt from a subject access request.  Therefore candidates do not have an automatic right of access to examination scripts.

Transferring of business data

Third party data transfer within the UK

In order for the RCR to perform its day-to-day activities it uses the services of third-party data processors. The RCR as a data controller is legally responsible for the processing undertaken by its data processors therefore the RCR has ensured that third party businesses are contractually obliged to comply with Information security as set out in the General Data Protection Regulation on its behalf.

Transfer of personal data outside the UK

The RCR transfers personal information overseas.  Where transfers are made within the EEA, the RCR will adhere to the ICO guidance on transfer of data. 

The College performs various activities in a number of countries. Personal data sent to these countries is sent securely in compliance with the requirements of the General Data Protection Regulation.

Diversity monitoring

The College monitors the diversity of its Fellows and members, its employees and others in order to ensure that there is no inappropriate or unlawful discrimination in the way the RCR conducts its activities.  This data will be treated as confidential.  It will only be accessed by authorised individuals at the College and will not be disclosed to any other bodies or individuals.  Anonymised data derived from diversity monitoring will be used for monitoring purposes and may be published and passed to other bodies. 

Online directory of Fellows and members

The College maintains an online directory of its Fellows and members, which can be accessed through the members’ and Fellows’ area of the website using a password. This is not available to the public.  Upon registration with the College the default information of name and membership type will automatically appear.  The full listing comprises postal address, telephone and facsimile numbers and email address for both home and work (when known).  You may, if you wish, restrict the data that appears in the online Directory, through myRCR and withhold publication of any of your personal data in the Directory altogether.  The College makes every effort to prevent data being copied or multiple searches taking place to avoid improper use of personal data.     

See the Royal College of Radiologists’ policies and privacy notices.

Policies