- From the publishers of
- GPonline.com
- MIMS
- MIMS Learning
Information Links
GDPR and data security
Data security tools

Data Protection and Security Toolkit checklist
This checklist provides a guide to the information you will need and advice on how to complete the new Data Protection and Security Toolkit. Updated for 2020.

Downloadable policy: Data security policy template
This data security policy can be downloaded and adapted for use in your practice.

Online access to patient records - medico-legal advice
Advice on providing patients with online access to their records, by MDU medico-legal adviser Dr Carol Chu.

Redacting information from medical records - medico-legal advice
MDU medico-legal adviser Dr Ellie Mein provides advice on redacting information from medical records when complying with subject access requests or providing patients with access to their full online records.
GDPR in general practice

GDPR and fees for access to medical records
When practices can charge a fee and when they should provide information for free under a subject access request.

GDPR checklist
What should practices be doing to ensure they comply with the GDPR? Including links to useful resources.

GDPR: Advice on data protection officers
Information governance specialist Amy Ford answers questions from practices about appointing data protection officers in light of the GDPR.

What practices need to do under the GDPR
Medeconomics provides a summary of recent guidance, with links to useful resources.

What your reception and admin team need to know about GDPR
An overview of the GDPR that can be used to brief and update staff.

Understanding the GDPR: Lawful processing of personal data
What practices need to know about the legal basis for processing personal data and privacy notices.

How practices should deal with subject access requests
The BMA has updated its guidance on subject access requests in light of the GDPR. Medeconomics provides a summary.

Understanding the GDPR: Subject access requests
What practices need to know about subject access requests, by Dr Rachel Birch from Medical Protection.

Understanding the GDPR: Accountability and data breaches
Dr Rachel Birch from Medical Protection outlines the principle of accountability and the action practices should take in the event of a data breach.

GDPR: Can patients amend their records?
The MDU's Dr Carol Chu explains patients' rights about altering the content of their medical records.

What does the GDPR mean for GP practices as employers?
How does the GDPR apply to data practices hold about employees?

What is the General Data Protection Regulation (GDPR)?
From 25 May 2018 practices will be subject to new data protection regulations. Medeconomics provides an overview of the legislation.
More data security advice
-
How does the national data opt-out programme affect practices?
-
Practice dilemma: Dealing with a patient's data protection concerns
-
Proxy access to online patient records - updated
-
Three key confidentiality risks - and how to avoid them
-
Tips on data protection
-
How the Freedom of Information Act applies to GP practices
-
Data security standards for GP practices
-
Good practice in data security