The new General Data Protection Regulation (GDPR) comes into effect on 25th May. It has significant changes to the Data Protection Act it replaces.
GP practices handle some of the most sensitive personal data. Your patients expect you to look after their medical information. The new legislation is complicated, so we're not able to offer you legal advice on GDPR. To save you time, here's a list of relevant resources that will help you understand the changes.
Information Commissioner's Office
The ICO upholds information rights in the public interest. It promotes openness by public bodies and data privacy for individuals.
Their website has several areas of interest:
- A general guide to GDPR
- Guidance for organisations that handle information about people's health and medical affairs
- Frequently asked questions for small health sector bodies, including GP practices
NHS Digital is England's information and technology partner for health and social care. Their work includes keeping patient data safe and making sure its only use is for the good of health and care.
The NHS Digital website offers a range of healthcare-specific guidance, including resources and information to help the NHS prepare for GDPR.
The BMA website contains information for GP practices, including:
- detailed guidance
- template privacy notices for GP practices
- checklists and FAQs