A Collection is a selection of features, articles, comments and opinions on any given theme or topic. It allows you to stay up‑to‑date with what interests you most.
Login here to access your saved articles and followed authors.
We have sent you an email so you can reset your password.
Sorry, we had a problem.
Tags related to this article
Published 21 November 2016
I never thought that I would look back on the Data Protection Act with fondness. Over time we have got to know its ways and how to navigate its maze of provisions. But all good things must come to an end. On 4 May 2016 the General Data Protection Regulation – Regulation (EU) 2016/679 or the GDPR - was passed. We now have a new maze to negotiate.
This manual is designed to be your guide: to help you walk the maze with a firmer sense of direction and purpose, to side-step some of the pitfalls and avoid the wrong turns.
All EU member states will need to comply with the GDPR by 25 May 2018. It is likely that we will still be a member state by then. It is highly likely that even after Brexit the requirements of the GDPR will apply in the UK. The countdown to compliance has begun.
You will want to get it right. The maximum fine for non-compliance has risen from £500,000 to E20,000,000 – about £17 million at today’s exchange rates. It is, however, early days. We await a government commitment to implementing the GDPR in the UK, as well as European and ICO guidance. We will keep you updated as the situation evolves.
This manual gives an overview of the likely impact of the GDPR in health and social care. We have looked at each of the main provisions and compared them to current law, ICO guidance and common practice. We provide advice on the practical steps that should taken to prepare and what to prioritise given the uncertainties.
Much of the GDPR will be familiar territory. It builds on old concepts (personal data, data controller etc.), enhances existing rights and obligations and in places makes best practice a legal requirement.
But I’m afraid there is still a lot to be done. There is a new requirement on organisations to demonstrate compliance, which means there will be a lot of paperwork. There are new rights for data subjects too, which are easier to enforce. Contracts and data sharing protocols will need to be reviewed in light of the changes.
London - Walbrook
+44 (0)20 7894 6531
+44(0)191 404 4192
+44 (0)20 7894 6020
+44 (0)20 7894 6577
Charlotte Burnett, Anne Crofts, Hamza Drabu, Louise Watson-Jones, Alistair Robertson, Mary Mundy, Chris Waite
Hamza Drabu, Anne Crofts
Hamza Drabu, Charlotte Burnett, Alistair Robertson
Hilary Larter, Zoe Thomas, Udara Ranasinghe
Charlotte Burnett, Hamza Drabu
Dr Alexandra von Westernhagen
Anne Crofts, Mary Mundy, Hamza Drabu