General Data Protection (GDPR)
What is GDPR?
The General Data Protection Regulation (GDPR) is a new EU regulation that comes into force on 25th May 2018. The GDPR will replace the existing data protection legislation including the UK Data Protection Act 1998.
Who Does the GDPR apply to?
The GDPR applies to all individuals and organisations with day-to-day responsibilities for data protection.
What does this mean for patients?
- must be processed lawfully, fairly and transparently.
- be collected for specific, explicit and legitimate purposes.
- must be limited to what is necessary for the purposes for which it is processed.
- must be accurate and kept up to date.
- must be held securely.
- It can only be retained for as long as is necessary for the reasons it was collected.
Below are links to the practice’s patient privacy notices and further information, which explain why and how we process your personal data:
We have also included a patient information leaflet that you can download below:
Patient Information Leaflet
And here is a link to the NHS website for their privacy notice: