GDPR stands for General Data Protection Regulation and is a new piece of legislation that will supersede the Data Protection Act. It will not only apply to the UK and the EU; it covers anywhere in the world in which data about EU citizens is processed. The GDPR is similar to the Data Protection Act 1998 (which the practice already complies with), but strengthens many of the DPA’s principles. The main changes are:
• Practices must comply with subject access requests
• Where we need your consent to process data, this consent must be freely given, specific, informed and unambiguous
• There are new, special protections for patient data
• The Information Commissioner’s Office must be notified within 72 hours of a data breach
• There are higher fines for data breaches – up to £18 million.
What is consent?
Consent is permission from a patient. The changes in GDPR mean that we must get explicit consent from patients when using their data. This is to protect your right to privacy, and we may ask you to provide consent to do certain things, like contact you or record certain information about you for your clinical records.
If you would like to give us your consent, please just speak to Reception.
Please note, you have the right to withdraw your consent at any time.
To read more on GDPR please click the following link:
To view our privacy notice, please click the following links:
YOUR DATA MATTERS