There has been a flurry of activity from companies ahead of the new data protection rules which come into force on 25 May 2018 but it’s not too late for your practice. Healthcode are here to provide the support and practical tools you need to make the transition.
The General Data Protection Regulation (GDPR) applies to every organisation that handles personal information. As well as strengthening the legal rights of individual data subjects, it imposes greater obligations on practices to document processes, increase transparency and ensure that data is held securely. Breaches of the GDPR could result in financial penalties and reputational damage.
If your practice is already following data protection best practice, you are already well on the way to achieving compliance with the new data rules. However, there are a number of ways that Healthcode can help you meet the more stringent requirements of the GDPR:
The GDPR Toolkit
Produced in collaboration with specialist corporate and technology lawyers, the toolkit is specifically developed for the needs of independent practices and consists of:
1. GDPR Guide - The guide introduces the GDPR’s key changes and terminology, explain how they affect your independent practice and provide practical steps to compliance.
2. GDPR templates - The Toolkit includes six templates to help you manage and document data protection processes in line with the GDPR. They include a privacy policy, an information asset register to help you keep track of the data you hold, a model subject access request procedure and a breach notification procedure. All templates can be easily implemented within your practice so you can achieve and demonstrate compliance with the GDPR.
3. Subject access export - a tool that enables you to collate and extract the information you hold on a patient, within ePractice such as notes, alerts and correspondence. It means you can respond to a subject access request quickly and easily and in a portable format.
Please log in to ePractice for further information.
Data security
If you rely on a third party supplier to process or store data on your behalf, the ICO expects you to make sure they have appropriate information security safeguards in place.
Healthcode is continually working to ensure that our services meet the highest data protection standards.
If you are a Healthcode customer, you can be sure that your data is stored within a private dedicated infrastructure which is physically located in a secure UK data centre, rather than held in a data cloud in an unknown location. Healthcode’s information security systems also comply with the latest international specification for information security management systems (ISO/IEC 27001:2013).
Advice and updates
Compliance with data protection law is not a one-off exercise but an on-going effort. We have produced a series of blogs in the run-up to the GDPR to help you understand what has changed and we will be adding to these in the coming weeks. Keep visiting http://www.healthcode.co.uk/latest-news/healthcode-blog/ for more news.