The New General Data Protection Regulation (GDPR) For Health and Social Care
General Data Protection Regulation & Preparing for Implementation
The 25th May 2018 sees the introduction of the General Data Protection Regulation (GDPR). This is the biggest change in data protection law for 20 years. The course will help health and social care organisations to practically prepare for the implementation of the GDPR. The changes to “consent models”, definitions of personal data, Pseudonymisation and the newly introduced Right to be forgotten will all have huge impacts on providers and commissioners of health and social care services.
This workshop examines the Regulation in detail, linking the common-law duties of confidentiality, Caldicott Reviews and SIRO processes, to ensure organisations stay ahead of the game. This workshop is suitable for the public sector and private sector.
Overview of the Regulation
How the current Data Protection definitions and principles are transposed - Caldicott Principles and Data Security requirements
Caldicott Guardian, DPO (Data Protection Officer) and SIRO working together
Consent for processing data -providing care and secondary uses
Profiling -Risk Stratification -Business intelligence -service planning
Privacy notices / fair processing notices
Pseudonymisation and use of de-identified data for secondary uses
Children Consent issues (service user online access) and parental responsibility
Changes to subject access (Access to records/ Health and social acre considerations)
IG SIRI reporting and new mandated breach reporting
Right to be forgotten
Organisational responsibilities as ‘data controller’ or ‘data processor’
Privacy Impact Assessments
Basis for collecting and using data with Legal approaches to sharing personal data
Records Management changes
STEPS TO TAKE NOW
