SlideShare a Scribd company logo

GDPR FOR CLINICS

Download as PPTX, PDF
Sara Mogford
Sara Mogford

A guide to GDPR and patients rights from Mark Lainchbury of e-clinic, the popular clinic management software.

Healthcare
1 of 19
GDPR AND PATIENT RIGHTS A guide to not panicking e-clinic.co.uk
MARK LAINCHBURY • MD of e-clinic • Created e-clinic in 2002 • Worked in healthcare software since 1997 • I am not a medical professional • I am not a lawyer e-clinic.co.uk
ICO “We’re not going to be looking at perfection, we're going to be looking for commitment” e-clinic.co.uk
WHAT GDPR IS • Designed to protect individuals • Only applies to ‘personal data’ • The GDPR applies to both automated personal data and to manual filing systems where personal data are accessible according to specific criteria. This could include chronologically ordered sets of manual records containing personal data • Fundamental shift in the balance of responsibility e-clinic.co.uk
PERSONAL DATA • Electronic records • Paper records Obvious stuff • Name, address, treatment, financials, photographs, completed forms... e-clinic.co.uk
PERSONAL DATA Less obvious stuff • People connected to organisations - not just patients • Mobile phone contacts • Cookies, IP address, PPC data • Post it notes e-clinic.co.uk
INDIVIDUAL RIGHTS The right… • To be informed • Of access • To rectification • To erasure • To restrict processing • To data portability • To object • In relation to automated decision making and profiling e-clinic.co.uk
WHAT GDPR ISN’T • Does not prevent you from storing data • Does not require mass data deletion • Does not negate previous consent • Does not enforce ‘paperless’ records • Does not bar you from sending data outside the UK/EU/EEA • Brexit may affect that last bit! e-clinic.co.uk
RIGHT TO PROCESS DATA • Must have a valid lawful basis to process personal data • 6 bases – Consent – Contract – Legal Obligation – Vital Interests – Public Task – Legitimate Interest e-clinic.co.uk
CONSENT MUST BE EXPLICIT YE S e-clinic.co.uk
CONSENT MUST NOT BE IMPLIED e-clinic.co.uk
CONSENT MUST NOT BE IMPLIED e-clinic.co.uk
LEGAL OBLIGATION • Clinical Data Laws/Guidelines • BMA Website • Company/Accounting Law • UK Government Web Site e-clinic.co.uk
IS YOUR SOFTWARE GDPR COMPLIANT? • No software can be, by itself, GDPR compliant • Software can only provide tools to enable compliance • Obligations are sometimes contradictory e-clinic.co.uk
DATA FILTERING FOUND SET – 29 PATIENTS e-clinic.co.uk
DATA FILTERING CAMPAIGN CREATED– 28 PATIENTS e-clinic.co.uk
DATA SHARING BETWEEN APPS Typical Web Apps Application Programming Interface • Most modern applications use API technology to share data • It is not unlawful to send data outside the UK/EU/EEA • But be aware where your data is going • Mailchimp – US • Xero – New Zealand e-clinic.co.uk
WHAT IS GDPR COMPLIANCE • GDPR compliance is a process • GDPR compliance is a mindset • GDPR compliance is a form of respect e-clinic.co.uk
THANK YOU Any questions? Email sales@e-clinic.co.uk e-clinic.co.uk

Recommended

GDPR From Implementation to Opportunity
GDPR From Implementation to OpportunityGDPR From Implementation to Opportunity
GDPR From Implementation to OpportunityDean Sappey
 
What does GDPR mean for your charity?
What does GDPR mean for your charity?What does GDPR mean for your charity?
What does GDPR mean for your charity?NCVO - National Council for Voluntary Organisations
 
Impact of GDPR on Data Collection and Processing
Impact of GDPR on Data Collection and ProcessingImpact of GDPR on Data Collection and Processing
Impact of GDPR on Data Collection and ProcessingPromptCloud
 
GDPR The New Data Protection Law coming into effect May 2018. What does it me...
GDPR The New Data Protection Law coming into effect May 2018. What does it me...GDPR The New Data Protection Law coming into effect May 2018. What does it me...
GDPR The New Data Protection Law coming into effect May 2018. What does it me...eHealth Forum
 
GDPR for Dummies
GDPR for DummiesGDPR for Dummies
GDPR for DummiesCaroline Boscher
 
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...Qualsys Ltd
 
MindMap AVG Louwers Advocaten V 4.0 (EN)
MindMap AVG Louwers Advocaten V 4.0 (EN)MindMap AVG Louwers Advocaten V 4.0 (EN)
MindMap AVG Louwers Advocaten V 4.0 (EN)Huub de Jong
 
Understanding the EU's new General Data Protection Regulation (GDPR)
Understanding the EU's new General Data Protection Regulation (GDPR)Understanding the EU's new General Data Protection Regulation (GDPR)
Understanding the EU's new General Data Protection Regulation (GDPR)Acquia
 

Recommended

GDPR From Implementation to Opportunity
GDPR From Implementation to OpportunityGDPR From Implementation to Opportunity
GDPR From Implementation to OpportunityDean Sappey
 
What does GDPR mean for your charity?
What does GDPR mean for your charity?What does GDPR mean for your charity?
What does GDPR mean for your charity?NCVO - National Council for Voluntary Organisations
 
Impact of GDPR on Data Collection and Processing
Impact of GDPR on Data Collection and ProcessingImpact of GDPR on Data Collection and Processing
Impact of GDPR on Data Collection and ProcessingPromptCloud
 
GDPR The New Data Protection Law coming into effect May 2018. What does it me...
GDPR The New Data Protection Law coming into effect May 2018. What does it me...GDPR The New Data Protection Law coming into effect May 2018. What does it me...
GDPR The New Data Protection Law coming into effect May 2018. What does it me...eHealth Forum
 
GDPR for Dummies
GDPR for DummiesGDPR for Dummies
GDPR for DummiesCaroline Boscher
 
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...Qualsys Ltd
 
MindMap AVG Louwers Advocaten V 4.0 (EN)
MindMap AVG Louwers Advocaten V 4.0 (EN)MindMap AVG Louwers Advocaten V 4.0 (EN)
MindMap AVG Louwers Advocaten V 4.0 (EN)Huub de Jong
 
Understanding the EU's new General Data Protection Regulation (GDPR)
Understanding the EU's new General Data Protection Regulation (GDPR)Understanding the EU's new General Data Protection Regulation (GDPR)
Understanding the EU's new General Data Protection Regulation (GDPR)Acquia
 
GDPR Compliance: What You Need to Know Before May 2018
GDPR Compliance: What You Need to Know Before May 2018GDPR Compliance: What You Need to Know Before May 2018
GDPR Compliance: What You Need to Know Before May 2018Infosec
 
General Data Protection Regulations (GDPR): Do you understand it and are you ...
General Data Protection Regulations (GDPR): Do you understand it and are you ...General Data Protection Regulations (GDPR): Do you understand it and are you ...
General Data Protection Regulations (GDPR): Do you understand it and are you ...Cvent
 
"GDPR - All You Need To Know" presentation from event Nov 16th in Berlin
"GDPR - All You Need To Know" presentation from event Nov 16th in Berlin"GDPR - All You Need To Know" presentation from event Nov 16th in Berlin
"GDPR - All You Need To Know" presentation from event Nov 16th in BerlinMailjet
 
GDPR Guide: The ICO's 12 Recommended Steps To Take Now
GDPR Guide: The ICO's 12 Recommended Steps To Take NowGDPR Guide: The ICO's 12 Recommended Steps To Take Now
GDPR Guide: The ICO's 12 Recommended Steps To Take NowHackerOne
 
GDPR Presentation slides
GDPR Presentation slidesGDPR Presentation slides
GDPR Presentation slidesNaomi Holmes
 
The Essential Guide to GDPR
The Essential Guide to GDPRThe Essential Guide to GDPR
The Essential Guide to GDPRTim Hyman LLB
 
Are You Prepared for the GDPR?
Are You Prepared for the GDPR?Are You Prepared for the GDPR?
Are You Prepared for the GDPR?PrivacyPolicies.com
 
How GDPR will change Personal Data Control and Affect Everyone
How GDPR will change Personal Data Control and Affect EveryoneHow GDPR will change Personal Data Control and Affect Everyone
How GDPR will change Personal Data Control and Affect EveryoneThomas Goubau
 
2017 09 13_VOKA The Big Refresh - GDPR - IFORI
2017 09 13_VOKA The Big Refresh - GDPR - IFORI2017 09 13_VOKA The Big Refresh - GDPR - IFORI
2017 09 13_VOKA The Big Refresh - GDPR - IFORIKarel Holst
 
GDPR presentation BE-Com - IFORI
GDPR presentation BE-Com - IFORIGDPR presentation BE-Com - IFORI
GDPR presentation BE-Com - IFORIKarel Holst
 
EU GDPR (training)
EU GDPR (training) EU GDPR (training)
EU GDPR (training) Elizabeth Baker, JD, CRCMP
 
Simple GDPR Overview
Simple GDPR OverviewSimple GDPR Overview
Simple GDPR OverviewGydeline Ltd
 
GDPR Demystified
GDPR DemystifiedGDPR Demystified
GDPR DemystifiedSPIN Chennai
 
Gdpr in a nutshell
Gdpr in a nutshellGdpr in a nutshell
Gdpr in a nutshellMatthew Butler
 
GDPR Basics - General Data Protection Regulation
GDPR Basics - General Data Protection RegulationGDPR Basics - General Data Protection Regulation
GDPR Basics - General Data Protection RegulationVicky Dallas
 
An Overview of GDPR by Pathway Group
An Overview of GDPR by Pathway GroupAn Overview of GDPR by Pathway Group
An Overview of GDPR by Pathway GroupThe Pathway Group
 
Introduction to GDPR
Introduction to GDPRIntroduction to GDPR
Introduction to GDPRMartyn Ripley
 
Gdpr action plan - ISSA
Gdpr action plan - ISSAGdpr action plan - ISSA
Gdpr action plan - ISSAUlf Mattsson
 
Sophie's Privacy - a story about GDPR
Sophie's Privacy - a story about GDPRSophie's Privacy - a story about GDPR
Sophie's Privacy - a story about GDPRHans Demeyer
 
Regulation (EU) 2016_679_GDPR_Overview_June 2016
Regulation (EU) 2016_679_GDPR_Overview_June 2016Regulation (EU) 2016_679_GDPR_Overview_June 2016
Regulation (EU) 2016_679_GDPR_Overview_June 2016John Greenwood
 
GDPR Practicalities - The Data Shed
GDPR Practicalities - The Data ShedGDPR Practicalities - The Data Shed
GDPR Practicalities - The Data ShedStewart Norriss
 
Gdpr demystified - making sense of the regulation
Gdpr demystified - making sense of the regulationGdpr demystified - making sense of the regulation
Gdpr demystified - making sense of the regulationJames Mulhern
 

More Related Content

What's hot

GDPR Compliance: What You Need to Know Before May 2018
GDPR Compliance: What You Need to Know Before May 2018GDPR Compliance: What You Need to Know Before May 2018
GDPR Compliance: What You Need to Know Before May 2018Infosec
 
General Data Protection Regulations (GDPR): Do you understand it and are you ...
General Data Protection Regulations (GDPR): Do you understand it and are you ...General Data Protection Regulations (GDPR): Do you understand it and are you ...
General Data Protection Regulations (GDPR): Do you understand it and are you ...Cvent
 
"GDPR - All You Need To Know" presentation from event Nov 16th in Berlin
"GDPR - All You Need To Know" presentation from event Nov 16th in Berlin"GDPR - All You Need To Know" presentation from event Nov 16th in Berlin
"GDPR - All You Need To Know" presentation from event Nov 16th in BerlinMailjet
 
GDPR Guide: The ICO's 12 Recommended Steps To Take Now
GDPR Guide: The ICO's 12 Recommended Steps To Take NowGDPR Guide: The ICO's 12 Recommended Steps To Take Now
GDPR Guide: The ICO's 12 Recommended Steps To Take NowHackerOne
 
GDPR Presentation slides
GDPR Presentation slidesGDPR Presentation slides
GDPR Presentation slidesNaomi Holmes
 
The Essential Guide to GDPR
The Essential Guide to GDPRThe Essential Guide to GDPR
The Essential Guide to GDPRTim Hyman LLB
 
How GDPR will change Personal Data Control and Affect Everyone
How GDPR will change Personal Data Control and Affect EveryoneHow GDPR will change Personal Data Control and Affect Everyone
How GDPR will change Personal Data Control and Affect EveryoneThomas Goubau
 
2017 09 13_VOKA The Big Refresh - GDPR - IFORI
2017 09 13_VOKA The Big Refresh - GDPR - IFORI2017 09 13_VOKA The Big Refresh - GDPR - IFORI
2017 09 13_VOKA The Big Refresh - GDPR - IFORIKarel Holst
 
GDPR presentation BE-Com - IFORI
GDPR presentation BE-Com - IFORIGDPR presentation BE-Com - IFORI
GDPR presentation BE-Com - IFORIKarel Holst
 
Simple GDPR Overview
Simple GDPR OverviewSimple GDPR Overview
Simple GDPR OverviewGydeline Ltd
 
GDPR Basics - General Data Protection Regulation
GDPR Basics - General Data Protection RegulationGDPR Basics - General Data Protection Regulation
GDPR Basics - General Data Protection RegulationVicky Dallas
 
An Overview of GDPR by Pathway Group
An Overview of GDPR by Pathway GroupAn Overview of GDPR by Pathway Group
An Overview of GDPR by Pathway GroupThe Pathway Group
 
Introduction to GDPR
Introduction to GDPRIntroduction to GDPR
Introduction to GDPRMartyn Ripley
 
Gdpr action plan - ISSA
Gdpr action plan - ISSAGdpr action plan - ISSA
Gdpr action plan - ISSAUlf Mattsson
 
Sophie's Privacy - a story about GDPR
Sophie's Privacy - a story about GDPRSophie's Privacy - a story about GDPR
Sophie's Privacy - a story about GDPRHans Demeyer
 
Regulation (EU) 2016_679_GDPR_Overview_June 2016
Regulation (EU) 2016_679_GDPR_Overview_June 2016Regulation (EU) 2016_679_GDPR_Overview_June 2016
Regulation (EU) 2016_679_GDPR_Overview_June 2016John Greenwood
 

What's hot (20)

GDPR Compliance: What You Need to Know Before May 2018
GDPR Compliance: What You Need to Know Before May 2018GDPR Compliance: What You Need to Know Before May 2018
GDPR Compliance: What You Need to Know Before May 2018
 
General Data Protection Regulations (GDPR): Do you understand it and are you ...
General Data Protection Regulations (GDPR): Do you understand it and are you ...General Data Protection Regulations (GDPR): Do you understand it and are you ...
General Data Protection Regulations (GDPR): Do you understand it and are you ...
 
"GDPR - All You Need To Know" presentation from event Nov 16th in Berlin
"GDPR - All You Need To Know" presentation from event Nov 16th in Berlin"GDPR - All You Need To Know" presentation from event Nov 16th in Berlin
"GDPR - All You Need To Know" presentation from event Nov 16th in Berlin
 
GDPR Guide: The ICO's 12 Recommended Steps To Take Now
GDPR Guide: The ICO's 12 Recommended Steps To Take NowGDPR Guide: The ICO's 12 Recommended Steps To Take Now
GDPR Guide: The ICO's 12 Recommended Steps To Take Now
 
GDPR Presentation slides
GDPR Presentation slidesGDPR Presentation slides
GDPR Presentation slides
 
The Essential Guide to GDPR
The Essential Guide to GDPRThe Essential Guide to GDPR
The Essential Guide to GDPR
 
Are You Prepared for the GDPR?
Are You Prepared for the GDPR?Are You Prepared for the GDPR?
Are You Prepared for the GDPR?
 
How GDPR will change Personal Data Control and Affect Everyone
How GDPR will change Personal Data Control and Affect EveryoneHow GDPR will change Personal Data Control and Affect Everyone
How GDPR will change Personal Data Control and Affect Everyone
 
2017 09 13_VOKA The Big Refresh - GDPR - IFORI
2017 09 13_VOKA The Big Refresh - GDPR - IFORI2017 09 13_VOKA The Big Refresh - GDPR - IFORI
2017 09 13_VOKA The Big Refresh - GDPR - IFORI
 
GDPR presentation BE-Com - IFORI
GDPR presentation BE-Com - IFORIGDPR presentation BE-Com - IFORI
GDPR presentation BE-Com - IFORI
 
EU GDPR (training)
EU GDPR (training) EU GDPR (training)
EU GDPR (training)
 
Simple GDPR Overview
Simple GDPR OverviewSimple GDPR Overview
Simple GDPR Overview
 
GDPR Demystified
GDPR DemystifiedGDPR Demystified
GDPR Demystified
 
Gdpr in a nutshell
Gdpr in a nutshellGdpr in a nutshell
Gdpr in a nutshell
 
GDPR Basics - General Data Protection Regulation
GDPR Basics - General Data Protection RegulationGDPR Basics - General Data Protection Regulation
GDPR Basics - General Data Protection Regulation
 
An Overview of GDPR by Pathway Group
An Overview of GDPR by Pathway GroupAn Overview of GDPR by Pathway Group
An Overview of GDPR by Pathway Group
 
Introduction to GDPR
Introduction to GDPRIntroduction to GDPR
Introduction to GDPR
 
Gdpr action plan - ISSA
Gdpr action plan - ISSAGdpr action plan - ISSA
Gdpr action plan - ISSA
 
Sophie's Privacy - a story about GDPR
Sophie's Privacy - a story about GDPRSophie's Privacy - a story about GDPR
Sophie's Privacy - a story about GDPR
 
Regulation (EU) 2016_679_GDPR_Overview_June 2016
Regulation (EU) 2016_679_GDPR_Overview_June 2016Regulation (EU) 2016_679_GDPR_Overview_June 2016
Regulation (EU) 2016_679_GDPR_Overview_June 2016
 

Similar to GDPR FOR CLINICS

GDPR Practicalities - The Data Shed
GDPR Practicalities - The Data ShedGDPR Practicalities - The Data Shed
GDPR Practicalities - The Data ShedStewart Norriss
 
Gdpr demystified - making sense of the regulation
Gdpr demystified - making sense of the regulationGdpr demystified - making sense of the regulation
Gdpr demystified - making sense of the regulationJames Mulhern
 
Getting to grips with General Data Protection Regulation (GDPR)
Getting to grips with General Data Protection Regulation (GDPR)Getting to grips with General Data Protection Regulation (GDPR)
Getting to grips with General Data Protection Regulation (GDPR)Zoodikers
 
Who ownes the customer? Privacy in the connected age.
Who ownes the customer? Privacy in the connected age.Who ownes the customer? Privacy in the connected age.
Who ownes the customer? Privacy in the connected age.jatharrison
 
Websites: do you tick all the boxes?
Websites: do you tick all the boxes?Websites: do you tick all the boxes?
Websites: do you tick all the boxes?walescva
 
Public sector breakfast club - October 2017, Exeter
Public sector breakfast club - October 2017, ExeterPublic sector breakfast club - October 2017, Exeter
Public sector breakfast club - October 2017, ExeterBrowne Jacobson LLP
 
Exploring GDPR
Exploring GDPRExploring GDPR
Exploring GDPRMediaPost
 
Implementing and Auditing GDPR Series (2 of 10)
Implementing and Auditing GDPR Series (2 of 10) Implementing and Auditing GDPR Series (2 of 10)
Implementing and Auditing GDPR Series (2 of 10) Jim Kaplan CIA CFE
 
Big data needs big protection
Big data needs big protectionBig data needs big protection
Big data needs big protectionNoel Hatch
 
74 x9019 bea legal slides short form ged12.12.16
74 x9019 bea legal slides short form ged12.12.1674 x9019 bea legal slides short form ged12.12.16
74 x9019 bea legal slides short form ged12.12.16Glenn E. Davis
 
General Data Protection Regulation (GDPR) for Identity Architects
General Data Protection Regulation (GDPR) for Identity ArchitectsGeneral Data Protection Regulation (GDPR) for Identity Architects
General Data Protection Regulation (GDPR) for Identity ArchitectsWSO2
 
GDPR and Cyber Security LW.pptx
GDPR and Cyber Security LW.pptxGDPR and Cyber Security LW.pptx
GDPR and Cyber Security LW.pptxTimBee1
 
The GDPR Armageddon – One year on
The GDPR Armageddon – One year onThe GDPR Armageddon – One year on
The GDPR Armageddon – One year onInsight Data
 
Data Protection: Transitioning to the GDPR
Data Protection: Transitioning to the GDPRData Protection: Transitioning to the GDPR
Data Protection: Transitioning to the GDPRImogenRutherford
 
The Privacy Law Landscape: Issues for the research community
The Privacy Law Landscape: Issues for the research communityThe Privacy Law Landscape: Issues for the research community
The Privacy Law Landscape: Issues for the research communityARDC
 
What does the GDPR mean for charity communicators? | Scotland Networking Grou...
What does the GDPR mean for charity communicators? | Scotland Networking Grou...What does the GDPR mean for charity communicators? | Scotland Networking Grou...
What does the GDPR mean for charity communicators? | Scotland Networking Grou...CharityComms
 

Similar to GDPR FOR CLINICS (20)

GDPR Practicalities - The Data Shed
GDPR Practicalities - The Data ShedGDPR Practicalities - The Data Shed
GDPR Practicalities - The Data Shed
 
Gdpr demystified - making sense of the regulation
Gdpr demystified - making sense of the regulationGdpr demystified - making sense of the regulation
Gdpr demystified - making sense of the regulation
 
Data Protection and IDEA
Data Protection and IDEAData Protection and IDEA
Data Protection and IDEA
 
Getting to grips with General Data Protection Regulation (GDPR)
Getting to grips with General Data Protection Regulation (GDPR)Getting to grips with General Data Protection Regulation (GDPR)
Getting to grips with General Data Protection Regulation (GDPR)
 
Get you and your business GDPR ready
Get you and your business GDPR readyGet you and your business GDPR ready
Get you and your business GDPR ready
 
Who ownes the customer? Privacy in the connected age.
Who ownes the customer? Privacy in the connected age.Who ownes the customer? Privacy in the connected age.
Who ownes the customer? Privacy in the connected age.
 
Websites: do you tick all the boxes?
Websites: do you tick all the boxes?Websites: do you tick all the boxes?
Websites: do you tick all the boxes?
 
Public sector breakfast club - October 2017, Exeter
Public sector breakfast club - October 2017, ExeterPublic sector breakfast club - October 2017, Exeter
Public sector breakfast club - October 2017, Exeter
 
Introduction to GDPR
Introduction to GDPRIntroduction to GDPR
Introduction to GDPR
 
Exploring GDPR
Exploring GDPRExploring GDPR
Exploring GDPR
 
Implementing and Auditing GDPR Series (2 of 10)
Implementing and Auditing GDPR Series (2 of 10) Implementing and Auditing GDPR Series (2 of 10)
Implementing and Auditing GDPR Series (2 of 10)
 
Big data needs big protection
Big data needs big protectionBig data needs big protection
Big data needs big protection
 
74 x9019 bea legal slides short form ged12.12.16
74 x9019 bea legal slides short form ged12.12.1674 x9019 bea legal slides short form ged12.12.16
74 x9019 bea legal slides short form ged12.12.16
 
General Data Protection Regulation (GDPR) for Identity Architects
General Data Protection Regulation (GDPR) for Identity ArchitectsGeneral Data Protection Regulation (GDPR) for Identity Architects
General Data Protection Regulation (GDPR) for Identity Architects
 
GDPR and Cyber Security LW.pptx
GDPR and Cyber Security LW.pptxGDPR and Cyber Security LW.pptx
GDPR and Cyber Security LW.pptx
 
The GDPR Armageddon – One year on
The GDPR Armageddon – One year onThe GDPR Armageddon – One year on
The GDPR Armageddon – One year on
 
Data Protection: Transitioning to the GDPR
Data Protection: Transitioning to the GDPRData Protection: Transitioning to the GDPR
Data Protection: Transitioning to the GDPR
 
GDPR for your Payroll Bureau
GDPR for your Payroll BureauGDPR for your Payroll Bureau
GDPR for your Payroll Bureau
 
The Privacy Law Landscape: Issues for the research community
The Privacy Law Landscape: Issues for the research communityThe Privacy Law Landscape: Issues for the research community
The Privacy Law Landscape: Issues for the research community
 
What does the GDPR mean for charity communicators? | Scotland Networking Grou...
What does the GDPR mean for charity communicators? | Scotland Networking Grou...What does the GDPR mean for charity communicators? | Scotland Networking Grou...
What does the GDPR mean for charity communicators? | Scotland Networking Grou...
 

Recently uploaded

I urgently need a love spell caster to bring back my ex. +27834335081 How can...
I urgently need a love spell caster to bring back my ex. +27834335081 How can...I urgently need a love spell caster to bring back my ex. +27834335081 How can...
I urgently need a love spell caster to bring back my ex. +27834335081 How can...BabaJohn3
 
The 2024 Outlook for Older Adults: Healthcare Consumer Survey
The 2024 Outlook for Older Adults: Healthcare Consumer SurveyThe 2024 Outlook for Older Adults: Healthcare Consumer Survey
The 2024 Outlook for Older Adults: Healthcare Consumer SurveyMedia Logic
 
Communication disorder and it's management
Communication disorder and it's managementCommunication disorder and it's management
Communication disorder and it's managementkeerti Gour (PT) Shakya
 
Session-5-Birthing-Practices-Breastfeeding (1).ppt
Session-5-Birthing-Practices-Breastfeeding (1).pptSession-5-Birthing-Practices-Breastfeeding (1).ppt
Session-5-Birthing-Practices-Breastfeeding (1).pptMedidas Medical Center INC
 
Navigating Conflict in PE Using Strengths-Based Approaches
Navigating Conflict in PE Using Strengths-Based ApproachesNavigating Conflict in PE Using Strengths-Based Approaches
Navigating Conflict in PE Using Strengths-Based ApproachesCHICommunications
 
End of Response issues - Code and Rapid Response Workshop
End of Response issues - Code and Rapid Response WorkshopEnd of Response issues - Code and Rapid Response Workshop
End of Response issues - Code and Rapid Response WorkshopBrian Locke
 
Session-3-Promoting-Breastfeeding-During-Pregnancy.ppt
Session-3-Promoting-Breastfeeding-During-Pregnancy.pptSession-3-Promoting-Breastfeeding-During-Pregnancy.ppt
Session-3-Promoting-Breastfeeding-During-Pregnancy.pptMedidas Medical Center INC
 
Jual obat aborsi Cilacap Wa 081225888346 obat aborsi Cytotec asli Di Cilacap
Jual obat aborsi Cilacap Wa 081225888346 obat aborsi Cytotec asli Di CilacapJual obat aborsi Cilacap Wa 081225888346 obat aborsi Cytotec asli Di Cilacap
Jual obat aborsi Cilacap Wa 081225888346 obat aborsi Cytotec asli Di Cilacapaureliamarcelin589
 
VIP ℂall Girls Sushant Lok 9873777170 WhatsApp: Me All Time Serviℂe Available
VIP ℂall Girls Sushant Lok 9873777170 WhatsApp: Me All Time Serviℂe AvailableVIP ℂall Girls Sushant Lok 9873777170 WhatsApp: Me All Time Serviℂe Available
VIP ℂall Girls Sushant Lok 9873777170 WhatsApp: Me All Time Serviℂe Availableaashagrag
 
GENETICS and KIDNEY DISEASES /
GENETICS and KIDNEY DISEASES /GENETICS and KIDNEY DISEASES /
GENETICS and KIDNEY DISEASES /AFFIFA HUSSAIN
 
POSHAN ABHIYAAN-Poshan 2.0 will concentrate on Maternal Nutrition, Infant and...
POSHAN ABHIYAAN-Poshan 2.0 will concentrate on Maternal Nutrition, Infant and...POSHAN ABHIYAAN-Poshan 2.0 will concentrate on Maternal Nutrition, Infant and...
POSHAN ABHIYAAN-Poshan 2.0 will concentrate on Maternal Nutrition, Infant and...sheeza38
 
Australia,USA,UK #Online psychic ,"£ +27834335081 Canada Lost Love Spell Cast...
Australia,USA,UK #Online psychic ,"£ +27834335081 Canada Lost Love Spell Cast...Australia,USA,UK #Online psychic ,"£ +27834335081 Canada Lost Love Spell Cast...
Australia,USA,UK #Online psychic ,"£ +27834335081 Canada Lost Love Spell Cast...BabaJohn3
 
Jual obat aborsi Salatiga Wa 081225888346 obat aborsi Cytotec asli Di Salatiga
Jual obat aborsi Salatiga Wa 081225888346 obat aborsi Cytotec asli Di SalatigaJual obat aborsi Salatiga Wa 081225888346 obat aborsi Cytotec asli Di Salatiga
Jual obat aborsi Salatiga Wa 081225888346 obat aborsi Cytotec asli Di Salatigaaureliamarcelin589
 
The Power of Technology and Collaboration in Research - Rheumatology Research...
The Power of Technology and Collaboration in Research - Rheumatology Research...The Power of Technology and Collaboration in Research - Rheumatology Research...
The Power of Technology and Collaboration in Research - Rheumatology Research...Paul Sufka
 
Session-17-KANGAROO-MOTHER-CARE_final-blue.pptx
Session-17-KANGAROO-MOTHER-CARE_final-blue.pptxSession-17-KANGAROO-MOTHER-CARE_final-blue.pptx
Session-17-KANGAROO-MOTHER-CARE_final-blue.pptxMedidas Medical Center INC
 
Adrenal Function Tests-3.pptxwhfbdqbfwwfjgwngnegenhndngssfb
Adrenal Function Tests-3.pptxwhfbdqbfwwfjgwngnegenhndngssfbAdrenal Function Tests-3.pptxwhfbdqbfwwfjgwngnegenhndngssfb
Adrenal Function Tests-3.pptxwhfbdqbfwwfjgwngnegenhndngssfbKritikaMishra43
 

Recently uploaded (20)

I urgently need a love spell caster to bring back my ex. +27834335081 How can...
I urgently need a love spell caster to bring back my ex. +27834335081 How can...I urgently need a love spell caster to bring back my ex. +27834335081 How can...
I urgently need a love spell caster to bring back my ex. +27834335081 How can...
 
The 2024 Outlook for Older Adults: Healthcare Consumer Survey
The 2024 Outlook for Older Adults: Healthcare Consumer SurveyThe 2024 Outlook for Older Adults: Healthcare Consumer Survey
The 2024 Outlook for Older Adults: Healthcare Consumer Survey
 
Communication disorder and it's management
Communication disorder and it's managementCommunication disorder and it's management
Communication disorder and it's management
 
Session-5-Birthing-Practices-Breastfeeding (1).ppt
Session-5-Birthing-Practices-Breastfeeding (1).pptSession-5-Birthing-Practices-Breastfeeding (1).ppt
Session-5-Birthing-Practices-Breastfeeding (1).ppt
 
Navigating Conflict in PE Using Strengths-Based Approaches
Navigating Conflict in PE Using Strengths-Based ApproachesNavigating Conflict in PE Using Strengths-Based Approaches
Navigating Conflict in PE Using Strengths-Based Approaches
 
End of Response issues - Code and Rapid Response Workshop
End of Response issues - Code and Rapid Response WorkshopEnd of Response issues - Code and Rapid Response Workshop
End of Response issues - Code and Rapid Response Workshop
 
Session-3-Promoting-Breastfeeding-During-Pregnancy.ppt
Session-3-Promoting-Breastfeeding-During-Pregnancy.pptSession-3-Promoting-Breastfeeding-During-Pregnancy.ppt
Session-3-Promoting-Breastfeeding-During-Pregnancy.ppt
 
Jual obat aborsi Cilacap Wa 081225888346 obat aborsi Cytotec asli Di Cilacap
Jual obat aborsi Cilacap Wa 081225888346 obat aborsi Cytotec asli Di CilacapJual obat aborsi Cilacap Wa 081225888346 obat aborsi Cytotec asli Di Cilacap
Jual obat aborsi Cilacap Wa 081225888346 obat aborsi Cytotec asli Di Cilacap
 
VIP ℂall Girls Sushant Lok 9873777170 WhatsApp: Me All Time Serviℂe Available
VIP ℂall Girls Sushant Lok 9873777170 WhatsApp: Me All Time Serviℂe AvailableVIP ℂall Girls Sushant Lok 9873777170 WhatsApp: Me All Time Serviℂe Available
VIP ℂall Girls Sushant Lok 9873777170 WhatsApp: Me All Time Serviℂe Available
 
GENETICS and KIDNEY DISEASES /
GENETICS and KIDNEY DISEASES /GENETICS and KIDNEY DISEASES /
GENETICS and KIDNEY DISEASES /
 
Cara menggugurkan kandungan paling ampuh 08561234742
Cara menggugurkan kandungan paling ampuh 08561234742Cara menggugurkan kandungan paling ampuh 08561234742
Cara menggugurkan kandungan paling ampuh 08561234742
 
LTM Session-8-Practices-that-assist-BF..ppt
LTM Session-8-Practices-that-assist-BF..pptLTM Session-8-Practices-that-assist-BF..ppt
LTM Session-8-Practices-that-assist-BF..ppt
 
POSHAN ABHIYAAN-Poshan 2.0 will concentrate on Maternal Nutrition, Infant and...
POSHAN ABHIYAAN-Poshan 2.0 will concentrate on Maternal Nutrition, Infant and...POSHAN ABHIYAAN-Poshan 2.0 will concentrate on Maternal Nutrition, Infant and...
POSHAN ABHIYAAN-Poshan 2.0 will concentrate on Maternal Nutrition, Infant and...
 
Australia,USA,UK #Online psychic ,"£ +27834335081 Canada Lost Love Spell Cast...
Australia,USA,UK #Online psychic ,"£ +27834335081 Canada Lost Love Spell Cast...Australia,USA,UK #Online psychic ,"£ +27834335081 Canada Lost Love Spell Cast...
Australia,USA,UK #Online psychic ,"£ +27834335081 Canada Lost Love Spell Cast...
 
Abortion pills in Qatar (+919707208804) Get Cytotec Pills IN Doha
Abortion pills in Qatar (+919707208804) Get Cytotec Pills IN DohaAbortion pills in Qatar (+919707208804) Get Cytotec Pills IN Doha
Abortion pills in Qatar (+919707208804) Get Cytotec Pills IN Doha
 
Abortion pills in Kuwait (+918133066128) Abortion clinic pills in Kuwait
Abortion pills in Kuwait (+918133066128) Abortion clinic pills in KuwaitAbortion pills in Kuwait (+918133066128) Abortion clinic pills in Kuwait
Abortion pills in Kuwait (+918133066128) Abortion clinic pills in Kuwait
 
Jual obat aborsi Salatiga Wa 081225888346 obat aborsi Cytotec asli Di Salatiga
Jual obat aborsi Salatiga Wa 081225888346 obat aborsi Cytotec asli Di SalatigaJual obat aborsi Salatiga Wa 081225888346 obat aborsi Cytotec asli Di Salatiga
Jual obat aborsi Salatiga Wa 081225888346 obat aborsi Cytotec asli Di Salatiga
 
The Power of Technology and Collaboration in Research - Rheumatology Research...
The Power of Technology and Collaboration in Research - Rheumatology Research...The Power of Technology and Collaboration in Research - Rheumatology Research...
The Power of Technology and Collaboration in Research - Rheumatology Research...
 
Session-17-KANGAROO-MOTHER-CARE_final-blue.pptx
Session-17-KANGAROO-MOTHER-CARE_final-blue.pptxSession-17-KANGAROO-MOTHER-CARE_final-blue.pptx
Session-17-KANGAROO-MOTHER-CARE_final-blue.pptx
 
Adrenal Function Tests-3.pptxwhfbdqbfwwfjgwngnegenhndngssfb
Adrenal Function Tests-3.pptxwhfbdqbfwwfjgwngnegenhndngssfbAdrenal Function Tests-3.pptxwhfbdqbfwwfjgwngnegenhndngssfb
Adrenal Function Tests-3.pptxwhfbdqbfwwfjgwngnegenhndngssfb
 

GDPR FOR CLINICS

  • 1. GDPR AND PATIENT RIGHTS A guide to not panicking e-clinic.co.uk
  • 2. MARK LAINCHBURY • MD of e-clinic • Created e-clinic in 2002 • Worked in healthcare software since 1997 • I am not a medical professional • I am not a lawyer e-clinic.co.uk
  • 3. ICO “We’re not going to be looking at perfection, we're going to be looking for commitment” e-clinic.co.uk
  • 4. WHAT GDPR IS • Designed to protect individuals • Only applies to ‘personal data’ • The GDPR applies to both automated personal data and to manual filing systems where personal data are accessible according to specific criteria. This could include chronologically ordered sets of manual records containing personal data • Fundamental shift in the balance of responsibility e-clinic.co.uk
  • 5. PERSONAL DATA • Electronic records • Paper records Obvious stuff • Name, address, treatment, financials, photographs, completed forms... e-clinic.co.uk
  • 6. PERSONAL DATA Less obvious stuff • People connected to organisations - not just patients • Mobile phone contacts • Cookies, IP address, PPC data • Post it notes e-clinic.co.uk
  • 7. INDIVIDUAL RIGHTS The right… • To be informed • Of access • To rectification • To erasure • To restrict processing • To data portability • To object • In relation to automated decision making and profiling e-clinic.co.uk
  • 8. WHAT GDPR ISN’T • Does not prevent you from storing data • Does not require mass data deletion • Does not negate previous consent • Does not enforce ‘paperless’ records • Does not bar you from sending data outside the UK/EU/EEA • Brexit may affect that last bit! e-clinic.co.uk
  • 9. RIGHT TO PROCESS DATA • Must have a valid lawful basis to process personal data • 6 bases – Consent – Contract – Legal Obligation – Vital Interests – Public Task – Legitimate Interest e-clinic.co.uk
  • 11. CONSENT MUST NOT BE IMPLIED e-clinic.co.uk
  • 12. CONSENT MUST NOT BE IMPLIED e-clinic.co.uk
  • 13. LEGAL OBLIGATION • Clinical Data Laws/Guidelines • BMA Website • Company/Accounting Law • UK Government Web Site e-clinic.co.uk
  • 14. IS YOUR SOFTWARE GDPR COMPLIANT? • No software can be, by itself, GDPR compliant • Software can only provide tools to enable compliance • Obligations are sometimes contradictory e-clinic.co.uk
  • 15. DATA FILTERING FOUND SET – 29 PATIENTS e-clinic.co.uk
  • 16. DATA FILTERING CAMPAIGN CREATED– 28 PATIENTS e-clinic.co.uk
  • 17. DATA SHARING BETWEEN APPS Typical Web Apps Application Programming Interface • Most modern applications use API technology to share data • It is not unlawful to send data outside the UK/EU/EEA • But be aware where your data is going • Mailchimp – US • Xero – New Zealand e-clinic.co.uk
  • 18. WHAT IS GDPR COMPLIANCE • GDPR compliance is a process • GDPR compliance is a mindset • GDPR compliance is a form of respect e-clinic.co.uk
  • 19. THANK YOU Any questions? Email sales@e-clinic.co.uk e-clinic.co.uk