Simplyhealth Professionals provides member practices with GDPR toolkit
Simplyhealth Professionals has produced a range of templates and draft policies to support its practices in preparation for meeting the enhanced data protection requirements, coming into force on Friday 25 May 2018. The company has also been providing detailed information and guidance on the implication for practices of the new data regulations with a three-part blog written by Roger Matthews, Honorary Life President and former Chief Dental Officer https://www.denplan.co.uk/dentists/blog.
Between now and Friday 25 May, the recommendations are that practices will need to:
• Complete their data audit (as recommended by The Information Commissioner’s Office www.ico.org.uk/gdpr.
• Check where back-ups are stored (ask your software provider/s)
• Consider how to present Privacy Notices to patients
• Consider revising their Data Protection and Information Security policies
• Carry out and document a Legitimate Interest Assessment (in simple terms how you lawfully process personal data)
• Draw up a Data Breach policy and procedure (if not already done)
• Appoint a Data Protection Officer
To help with preparation, Simplyhealth Professionals has published several templates for members on their web portal in a GDPR toolkit. There are templates available for a Legitimate Interest Assessment, a Privacy Notice and a Data Breach.
As the new law is still a Parliamentary ‘work in progress’ and subject to some further amendments, Simplyhealth Professionals intends to keep members fully updated on any further developments.
Henry Clover, Chief Dental Officer at Simplyhealth Professionals, said: “We shouldn’t forget that confidentiality, consent and security of sensitive information – to name but three factors – have already been an integral part of dental practices for a long time. This is the embodiment of data protection in our professional lives, so much of this is not actually new.
“However, there is still some preparation required by practices and they will need to become familiar with some different language. Similar to the support we provided with regards to CQC inspections, we have again attempted to simplify the complex and make generic data protection requirements relevant to dental practices.”