BDA says: “Fix broken Data Protection Bill or lose primary care NHS providers”
The BDA is standing with tens of thousands of primary care professionals to call for urgent amendments to the Data Protection Bill to prevent huge and needless burdens being heaped on high street providers.
In an open message to Minister Margot James, copied to all opposition opposite numbers, the BDA and partners at the Optical Confederation, the National Pharmacy Association and the Pharmaceutical Services Negotiating Committee have called for simple amendments to be tabled as the Bill makes its way through Parliament.
Primary care leaders believe the Bill goes beyond the requirements of the General Data Protection Regulation (GDPR), which does not require health providers to appoint a Data Protection Officer (DPO) unless they process healthcare data “on a large scale”.
Most high-street NHS primary care providers do not process data on a large scale but are set to be covered by this onerous new requirement because they are defined by UK legislation as “public bodies”. BDA’s market research suggests that outsourcing this service may well cost even the smallest practices in excess of £5,000, with some members reporting quotes from potential contractors of over £10,000 a year.
The DPO requirement will not automatically apply to private health providers in the same way, putting NHS providers at a distinct disadvantage, and further deterring dentists from delivering NHS services.
This new requirement is also unlikely to provide any practical benefit for patients as dentists and all other NHS providers are obliged to meet strict requirements on data protection and patient confidentiality.
BDA Chair Mick Armstrong said: "We've been shocked by the quotes our members have received to meet the requirements spelled out in this broken bill. A single medium-sized practice has been quoted over £11,000 for start-up costs, and a rolling annual fee of over £8,500 to comply.
"Primary care is under huge pressure. These additional costs and red tape are a hammer blow to family dentists, opticians and pharmacists already facing tight regulation and eye watering compliance costs.
"We look to Government and Opposition to urgently table these amendments and lift this needless burden from small high-street providers."
A BDA member who is an owner and principal dentist of a small NHS dental practice in the North East said: “The Government’s Data Protection Bill has chosen to put small dental practices in the same basket as large hospital trusts. By wrongly defining us as a ‘public body’ it goes well beyond the intentions of GDPR, and the net result is we will be required to recruit a Data Protection Officer from May this year.
“Not only will this be another costly overhead on top of ever-increasing cost of compliance heaped on us, but it also puts us at a distinct disadvantage compared with private practices – some of whom will be far bigger than mine – but are not required to appoint a DPO. There is no additional funding being made available to cover this extra cost by the NHS.
“I entered the profession fourteen years ago committed to a career in NHS general practice, where I expected to work until I retired. I now feel on the cusp of leaving the NHS altogether. I feel thoroughly disillusioned and disheartened and I am sure I'm not alone. The Government must sit up and listen or face losing experienced dentists from the NHS for good.”
Optical Confederation Chair Fiona Anderson said: “As we keep pointing out, a requirement to appoint a DPO would not provide any practical benefit for patients, or anyone else, but would impose costs.
“We are extremely disappointed that the Government has not listened to our concerns about the unnecessary burden this will place on small businesses which are key to keeping communities healthy. They were also explicitly intended to be excluded under the GDPR itself. This is pointless gold plating. We hope the Government will act before it is too late.”