What is GDPR?
The General Data Protection Regulation (GDPR) is a new EU regulation that comes into force on 25th May 2018. The GDPR will replace the existing data protection legislation including the UK Data Protection Act 1998.
Who Does the GDPR apply to?
The GDPR applies to all individuals and organisations with day-to-day responsibilities for data protection.
What does this mean for patients?
- must be processed lawfully, fairly and transparently.
- collected for specific, explicit and legitimate purposes.
- must be limited to what is necessary for the purposes for which it is processed.
- must be accurate and kept up to date.
- must be held securely.
- It can only be retained for as long as is necessary for the reasons it was collected.
Further information can be found here:
Privacy Statement for patients