GDPR and data security
This checklist provides a guide to the information you will need and advice on how to complete the new Data Protection and Security Toolkit. Updated for 2019/20.
This data security policy can be downloaded and adapted for use in your practice.
Advice on providing patients with online access to their records, by MDU medico-legal adviser Dr Carol Chu.
MDU medico-legal adviser Dr Ellie Mein provides advice on redacting information from medical records when complying with subject access requests or providing patients with access to their full online records.
When practices can charge a fee and when they should provide information for free under a subject access request.
What should practices be doing to ensure they comply with the GDPR? Including links to useful resources.
Information governance specialist Amy Ford answers questions from practices about appointing data protection officers in light of the GDPR.
Medeconomics provides a summary of recent guidance, with links to useful resources.
An overview of the GDPR that can be used to brief and update staff.
What practices need to know about the legal basis for processing personal data and privacy notices.
The BMA has updated its guidance on subject access requests in light of the GDPR. Medeconomics provides a summary.
What practices need to know about subject access requests, by Dr Rachel Birch from Medical Protection.
Dr Rachel Birch from Medical Protection outlines the principle of accountability and the action practices should take in the event of a data breach.
The MDU's Dr Carol Chu explains patients' rights about altering the content of their medical records.
How does the GDPR apply to data practices hold about employees?
From 25 May 2018 practices will be subject to new data protection regulations. Medeconomics provides an overview of the legislation.