Preparing for the General Data Protection Regulation (GDPR)
As you may be aware, it is compulsory to ensure that you collect and store confidential data and client contact data in accordance with the GDPR.
Does your organisation need to appoint a Data Protection Officer?
The answer is yes: healthcare providers fall into the category of processing sensitive personal data. The regulations apply to personal data, which includes:
- Medical information;
- Email addresses;
- Posts on social networking websites; and
- Computer IP addresses.
Have you appointed a Data Protection Officer for your company?
If not, an external Data Protection Officer can be appointed. Virtual Administration can provide this service, making sure your company is fully GDPR compliant.
It is important, and good practice, to review your data protection processes and procedures every six months, for example by making sure you have gained parental or guardian consent in order to process data lawfully and have given them the right to withdraw their consent.
There is no need to panic: you have until 25 May 2018 to have everything in place to ensure you are data compliant with all the necessary regulations.
We aim to make the GDPR easily understandable, transparent, easy to implement and easy to keep up to date.
These are the areas we will cover:
- Map Information Process;
- Creating an ‘Opt-out’ area for all correspondence;
- Consent Form – updating your original template;
- Privacy Notice;
- Sharing data with other Data Controllers; and
- How to deal with Breach Notifications.
Please contact Tracey Clarke on 07939 935755 to book an appointment to discuss further.