Office opening hours: 8.30am to 5.30pm Monday to Friday. Offices closed on Bank Holidays.
Home Menu Search

GDPR Headlines - Top Tips

*Updated 25th April 2018*

What is the GDPR (General Data Protection Regulation)?

The GDPR is a regulation that is applicable from 25th May 2018. Its strengthens the protection of personal data. The UK is enacting a Data Protection Bill which enshrines the provisions of the GDPR into UK law and establishes continuity of the GDPR in the UK post Brexit. The Data Protection Act will be repealed at this time.

Compliance is essential as fines under the GDPR are up to a maximum of 20 million Euro or 4% of turnover.

The GDPR strengthens the controls that organisations (data controllers) are required to have in place over the processing of personal data, including pseudonymised data.

Headline Requirements

Practices that are performing well in their information governance toolkit will have a good baseline to work from. However, organisations will be required to take specific actions and to be able to evidence that they have done so.

The Information Governance Alliance (see: https://digital.nhs.uk/data-and-information/looking-after-information/data-security-and-information-governance/information-governance-alliance-iga/general-data-protection-regulation-gdpr-guidance) has published general guidance and some resources for primary care.

The British Medical Association has published guidance at:  https://www.bma.org.uk/advice/employment/ethics/confidentiality-and-health-records/general-data-protection-regulation-gdpr  

The information commissioners office, who regulate data protection law, have published a couple of check lists which may be helpful,  https://ico.org.uk/for-organisations/resources-and-support/data-protection-self-assessment/

In the meantime, the Information Commissioner’s Office has published a couple of checklists which may be helpful: https://ico.org.uk/for-organisations/resources-and-support/data-protection-self-assessment/getting-ready-for-the-gdpr/

They also have GDPR specific webpages at:  https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr

And the GPC has advised the following:

The LMC will be sending out further information and advice to practices as it becomes available and we hope the above is helpful in the meantime.

'To access our FREE monthly webinars, please log-in to our website and access the members section next to the ‘my account’ button: https://www.wessexlmcs.com/membershipsectionhomepagePlease note that these live webinars are only available to our member practices’

Related guidance...

Practice Manager Newsletter

Email sent by Wessex LMCs, on Friday 22nd December 2017. This is the last in the series of newsletters for 2017 and which we hope you...

Practice Manager Newsletter

Email sent by Wessex LMCs, on Friday 22nd December 2017. This is the last in the series of newsletters for 2017 and which we hope you...

Wessex LMCs December update part 2

Some useful information has been circulated by the GPC over the weekend and I am aware that many GPs do not receive these emails and I...

GDPR – NHS Digital Guidance & GPC Blog

NHS Digital have now published a GDPR guidance note. This guidance is from the national GDPR working group and Information Governance...

Personal Data Rights (access, correction, objection & more)

This page will become effective from the 25th May 2018. This will replace our current guidance at:...

Download and bookmark...

About this page...

Updated on 25 April 2018 1594 views