Case Study: Nottingham University Hospitals NHS Trust achieves greater transparency and compliance with CoreStream GRC

CoreStream GRC empowers Nottingham University Hospitals to transform data transparency and compliance programs

Nottingham University Hospitals NHS Trust, one of the UK's largest NHS Trusts, faced significant challenges in managing thousands of manual Subject Access Requests and Freedom of Information requests. Their disparate, paper and email-based processes led to operational inefficiencies, delays, and difficulty meeting compliance deadlines. To address this, they partnered with CoreStream GRC to implement its data privacy management solution to standardize and digitize their workflows.

By implementing CoreStream GRC, the Trust automated and centralized its request management, reducing task times from minutes to seconds. The solution provided full visibility with audit trails, saving staff 3-5 hours per week and enabling proactive resource planning. CoreStream GRC's platform processed 10,000 annual requests more efficiently, making the entire process auditable and empowering the team to spend less time chasing data and more time using it strategically.

Nottingham University Hospitals NHS Trust

Marc Wilson

Head of Information Security & Data Protection Officer