General Data Protection Regulations Update
LMC Law delivered an interactive GDPR training session for Calderdale LMC on Wednesday 28th March 2018.
The General Data Protection Regulation (GDPR) is an EU Regulation which will be directly applicable in the UK on 25 May 2018.
Key changes under GDPR
- Compliance must be actively demonstrated, for example it will be necessary to: keep and maintain up-to-date records of the data flows from the practice and the legal basis for these flows; and have data protection policies and procedures in place.
- More information is required in 'privacy notices' for patients.
- A legal requirement to report certain data breaches.
- Significantly increased financial penalties for breaches as well as non-compliance.
- Practices will not be able to charge patients for access to medical records (save in exceptional circumstances).
- Designation of Data Protection Officers.
Below is a brief outline of the topics covered in the session:
- What is GDPR?
- Current obligations
- GPs as data controllers
- Lawful basis for processing
- Establishing a special category condition
- Data Protection Officer
- Data Protection Impact Assessments
- Privacy Notice
- Subject Access Requests
To download the presentation please click on the following link:
Published 5th April 2018