General Data Protection Regulation
The General Data Protection Regulation (GDPR) is a new law that determines how your personal data is processed and kept safe, and the legal rights that you have in relation to your own data.
The regulation applies from the 25th May 2018 and will apply once the UK leaves the EU.
What GDPR will mean for patients
Data must be processed lawfully, fairly and transparently
it must be used for specific, explicit and legitimate purposes
It must be limited to what is necessary for purposes processed
Information must be accurate and kept up to date
Data must be held securely
It can only be kept for as long as is necessary for the reasons it was collected.
There are stronger rights for patients;
Being informed about how their data is being used
Patients to have access to their own data
Patients can request for incorrect information to be changed
Restrict how their data is used
Move their patient data from one health organisation to another
The right to object to their information being processed (in certain circumstances)
What is GDPR?
General Data Protection Regulations, it is new legislation that will supersede the Data Protection Act, it covers anywhere in the world in which data about EU citizens is processed.
What is patient data?
Information that relates to a patient such as diagnosis, name, age, medical history etc
Individuals rights are respected and supported