In this document we have summarised the Data Controller Obligations that you should expect to see in your organisation to ensure your patient’s right to privacy is protected.