Simplyhealth Professionals GDPR toolkit

Law & Regulation
  • Smaller Small Medium Big Bigger
  • Default Helvetica Segoe Georgia Times

Simplyhealth Professionals provides member practices with GDPR toolkit

Simplyhealth Professionals has produced a range of templates and draft policies to support its practices in preparation for meeting the enhanced data protection requirements, coming into force on Friday 25 May 2018. The company has also been providing detailed information and guidance on the implication for practices of the new data regulations with a three-part blog written by Roger Matthews, Honorary Life President and former Chief Dental Officer

Between now and Friday 25 May, the recommendations are that practices will need to:

• Complete their data audit (as recommended by The Information Commissioner’s Office
• Check where back-ups are stored (ask your software provider/s)
• Consider how to present Privacy Notices to patients
• Consider revising their Data Protection and Information Security policies
• Update their Cookie policy if they have a website
• Carry out and document a Legitimate Interest Assessment (in simple terms how you lawfully process personal data)
• Draw up a Data Breach policy and procedure (if not already done)
• Appoint a Data Protection Officer

To help with preparation, Simplyhealth Professionals has published several templates for members on their web portal in a GDPR toolkit. There are templates available for a Legitimate Interest Assessment, a Privacy Notice and a Data Breach.

However, in each case it will be necessary for practices to consider how these templates should be adapted for their own particular circumstances and practice. Further resources will be published on the portal in the coming weeks in the form of a Cookie policy, a Data Retention policy, a Data Protection policy and an Information Security policy.

As the new law is still a Parliamentary ‘work in progress’ and subject to some further amendments, Simplyhealth Professionals intends to keep members fully updated on any further developments.

Henry Clover, Chief Dental Officer at Simplyhealth Professionals, said: “We shouldn’t forget that confidentiality, consent and security of sensitive information – to name but three factors – have already been an integral part of dental practices for a long time. This is the embodiment of data protection in our professional lives, so much of this is not actually new.

“However, there is still some preparation required by practices and they will need to become familiar with some different language. Similar to the support we provided with regards to CQC inspections, we have again attempted to simplify the complex and make generic data protection requirements relevant to dental practices.”