GDPR and data security

Data security tools

Data Protection and Security Toolkit checklist

Data Protection and Security Toolkit checklist

This checklist provides a guide to the information you will need and advice on how to complete the new Data Protection and Security Toolkit.

Downloadable policy: Data security policy template

Downloadable policy: Data security policy template

This data security policy can be downloaded and adapted for use in your practice.

Online access to patient records - medico-legal advice

Online access to patient records - medico-legal advice

Advice on providing patients with online access to their records, by MDU medico-legal adviser Dr Carol Chu.

Redacting information from medical records - medico-legal advice

Redacting information from medical records - medico-legal advice

MDU medico-legal adviser Dr Ellie Mein provides advice on redacting information from medical records when complying with subject access requests or providing patients with access to their full online records.


GDPR in general practice

GDPR and fees for access to medical records

GDPR and fees for access to medical records

When practices can charge a fee and when they should provide information for free under a subject access request.

GDPR checklist

GDPR checklist

What should practices be doing to ensure they comply with the GDPR? Including links to useful resources.

GDPR: Advice on data protection officers

GDPR: Advice on data protection officers

Information governance specialist Amy Ford answers questions from practices about appointing data protection officers in light of the GDPR.

What practices need to do under the GDPR

What practices need to do under the GDPR

Medeconomics provides a summary of recent guidance, with links to useful resources.

What your reception and admin team need to know about GDPR

What your reception and admin team need to know about GDPR

An overview of the GDPR that can be used to brief and update staff.

Understanding the GDPR: Lawful processing of personal data

Understanding the GDPR: Lawful processing of personal data

What practices need to know about the legal basis for processing personal data and privacy notices.

How practices should deal with subject access requests

How practices should deal with subject access requests

The BMA has updated its guidance on subject access requests in light of the GDPR. Medeconomics provides a summary.

Understanding the GDPR: Subject access requests

Understanding the GDPR: Subject access requests

What practices need to know about subject access requests, by Dr Rachel Birch from Medical Protection.

Understanding the GDPR: Accountability and data breaches

Understanding the GDPR: Accountability and data breaches

Dr Rachel Birch from Medical Protection outlines the principle of accountability and the action practices should take in the event of a data breach.

GDPR: Can patients amend their records?

GDPR: Can patients amend their records?

The MDU's Dr Carol Chu explains patients' rights about altering the content of their medical records.

What does the GDPR mean for GP practices as employers?

What does the GDPR mean for GP practices as employers?

How does the GDPR apply to data practices hold about employees?

What is the General Data Protection Regulation (GDPR)?

What is the General Data Protection Regulation (GDPR)?

From 25 May 2018 practices will be subject to new data protection regulations. Medeconomics provides an overview of the legislation.


More data security advice

[DAYS_LEFT] days left of your Medeconomics free trial

Subscribe now

Your free trial has expired

Subscribe now to access Medeconomics

GP Fees Database

Browse private and professional fees

Search all fees and NHS funding