gdpr what is it
play

GDPR what is it? Replaces the Data Protection Act 1998 European - PowerPoint PPT Presentation

Sep 20, 2023 •507 likes •692 views

GDPR what is it? Replaces the Data Protection Act 1998 European legislation will not be gold plated Comes into force 25 May 2018 BREXIT Data Protection Bill Why is GDPR relevant to me? Healthcare has been an area

  2. GDPR – what is it? • Replaces the Data Protection Act 1998 • European legislation – will not be gold plated • Comes into force 25 May 2018 • BREXIT • Data Protection Bill

  3. Why is GDPR relevant to me? • Healthcare has been an area of particular interest to the ICO. • Fines/ investigations have been common. • For example, HCA International fined £200k in February. • See health care resources on ICO website. • Low awareness of GDPR in the sector.

  4. What is captured? • What is personal data? • Data Controllers and Data Processors • The Regulation applies to: • the processing of “Personal Data” • by automated means • AND by non-automated means • Ordinary personal data • Sensitive personal data

  5. First steps to becoming compliant • Understand the data you hold • Analyse the personal data and determine lawful purposes • Just because it was permitted under DPA does not mean that it will be permitted under the GDPR

  6. Basis for processing GDPR lawful purposes for ordinary personal data: • Consent • Legitimate interests of the data controller • Necessity for the performance of a contract GDPR lawful purposes for special category personal data : • Explicit consent • Vital interests • Necessary for establishment or defence of legal claims

  7. Transparency and consent • Review your fair processing notices and privacy policies • Consent must be: • unambiguous • freely given • Requires clear affirmative action • For sensitive data, must be explicit • Can be withdrawn at any time • Not available where there is a clear imbalance in the relationship • Multiple purposes need multiple consents

  8. Administrative steps • Audit your contracts • Train your staff • Consider appointing a DPO • Undertake Privacy Impact Assessments • Prepare to deal with enhanced rights of individuals/ ICO

  9. Possible consequences • 2 tier system: • Up to €10 million or in the case of an undertaking, up to 2% of global annual turnover, whichever is higher. • Up to €20 million or in the case of an undertaking 4% of total worldwide annual turnover • Position under DPA - financial loss required • Position under GDPR - any damage suffered should be compensated

  10. Dr Natalie Blakely Consentz Co-Founder & Chief Medical Officer

  11. GDPR – Individual’s Rights Right to be Informed: • Understand how data is stored and used • The language explaining this should be clear & concise Right of Access: • Individuals have the right to obtain access to their personal data. • Provide requested data free of charge within 1 month Right to Rectification: • Individuals have right to correct their personal information

  12. GDPR – Individual’s Rights Right to Erasure: • Data can be held only for as long as is necessary • Deletion of personal data when requested (unless needed) • No requirement to delete if held for a defence claim Right to Portability: • Shouldn’t apply to clinics as little processing would be by automated means, most would be by human intervention. Right to Object: • Stop receiving direct marketing – this should be clear at the point of 1st communication and subsequent communications

  13. GDPR – Accountability & Governance Clinics process special category data and need to have documentation on processing activities, data protection policies, staff training and HR policies. Implement measures such as: • Data minimisation & transparency • Access levels, erasure & correcting • Improving security features on an on-going basis Data Breach - such as loss of a health record due to lack of appropriate controls. Reporting time scales are short and therefore require robust detection, investigation and reporting procedures to be in place

  14. GDPR: Big Burden or Glorious Opportunity? Embrace the challenge! A high quality digital platform will: • Address fully the issues arising from GDPR regulation, as well as • Transforming practice management and patient care

  15. Consentz – Built for GDPR Consentz Terms and Conditions address the above points (prepared by Stuart, Irwin Mitchell) GDPR features include: • Time period for retention & report for files to be erased • Patient access to their information • Patient can change personal information remotely

  16. Consentz – How Else Are You Protected? Your records are secure with Consentz: • Encryption • Cyber security insurance • Information Recovery Plans • Data security monitoring • Regular penetration testing by global data security company • Hourly data back-ups • Instantly revoke staff access

  17. Any Questions? Thank you for listening. We’re on Stand D111 We’re here to help!

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data

GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data

GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data Protection Regulation Came into force on May 25 th Replaces the current 1995 Data Protection Directive and Data Protection Act (1998). What is GDPR?

570 views • 18 slides
Data minimization & concentration: Intended and unintended consequences of the GDPR Garrett

Data minimization & concentration: Intended and unintended consequences of the GDPR Garrett

garjoh_canuck Data minimization & concentration: Intended and unintended consequences of the GDPR Garrett Johnson (Boston U) Scott Shriver (U Colorado Boulder) GDPR Impact GDPR General Data Protection Regulation EU EEA Brexit GDPR

833 views • 27 slides
Protection Regulation (GDPR) Presentation Structure What is the GDPR? When and where does

Protection Regulation (GDPR) Presentation Structure What is the GDPR? When and where does

Presentation by Michalis Mantzaris, PhD Introduction to General Data Protection Regulation (GDPR) Presentation Structure What is the GDPR? When and where does it apply? Consisting elements and Guideline provision Key changes and

605 views • 23 slides
Overview What is the GDPR? What are the main changes? Risks? What do you need to do

Overview What is the GDPR? What are the main changes? Risks? What do you need to do

Overview What is the GDPR? What are the main changes? Risks? What do you need to do to be compliant? Data Breaches How does the GDPR affect you? Steps to Compliance Summary What is the GDPR? q The EU's General Data

355 views • 17 slides
PROTECTION REGULATIONS May 2018 GDPR What is GDPR What is different Principles

PROTECTION REGULATIONS May 2018 GDPR What is GDPR What is different Principles

GENERAL DATA PROTECTION REGULATIONS May 2018 GDPR What is GDPR What is different Principles of of GDPR How does it effect school How are school preparing How does it effect individual staff How can

475 views • 12 slides
Welcome Agenda GDPR is in force now and applies to Australian businesses What does GDPR require?

Welcome Agenda GDPR is in force now and applies to Australian businesses What does GDPR require?

Welcome Agenda GDPR is in force now and applies to Australian businesses What does GDPR require? How does an Australian business comply? Action Plan Section 1: GDPR is here Privacy in the digital age Historically, privacy was almost

513 views • 40 slides
Click to add title Click to add subtitle Before the GDPR: the great GDPR compliance panic The

Click to add title Click to add subtitle Before the GDPR: the great GDPR compliance panic The

Almost one year after the GDPR, where are we now? Click to add title Click to add subtitle Before the GDPR: the great GDPR compliance panic The first year of the GDPR can best be described as "quiet test run. What are the most striking

405 views • 8 slides
GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU

GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU

GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU General Data Protection 1995 Regulation 2016 Data Protection Act 1998 Data Protection Bill 2017-19 Fines DPA GDPR Maximum Fine 500k Two

622 views • 17 slides
GDPR Dont be scared Even if you cant answer all the questions on the form GDPR Dont

GDPR Dont be scared Even if you cant answer all the questions on the form GDPR Dont

GDPR Dont be scared Even if you cant answer all the questions on the form GDPR Dont be scared 60% of people welcome the rights under GDPR 48% of UK adults plan to activate their rights 56% welcome the right to object to marketing

1.32k views • 37 slides
GDPR Webinar Guide Overview and key points Part 1 of our series on GDPR and its impact on the

GDPR Webinar Guide Overview and key points Part 1 of our series on GDPR and its impact on the

1 GDPR Webinar Guide Overview and key points Part 1 of our series on GDPR and its impact on the recruitment industry 2 Introduction The rules which underpin the storage of personal data have changed dramatically. The new EU-US Privacy Shield

998 views • 35 slides
GDPR Obligations & Rules Introduction to Privacy and the GDPR Simone Fischer-Hbner

GDPR Obligations & Rules Introduction to Privacy and the GDPR Simone Fischer-Hbner

GDPR Obligations & Rules Introduction to Privacy and the GDPR Simone Fischer-Hbner CC-BY-4.0 Advising, Monitoring, Enforcing European Data Protection Board Art. 68 - 73 (replacing the Art. 29 Working Party) advise Supervisory

626 views • 8 slides
GDPR Breach & Automated Decision Making Part 5 of our series on GDPR and its impact on the

GDPR Breach & Automated Decision Making Part 5 of our series on GDPR and its impact on the

GDPR Breach & Automated Decision Making Part 5 of our series on GDPR and its impact on the recruitment industry This webinar is provided for information purposes and is NOT intended to be legal advice pertaining to the subject matter. If you

617 views • 38 slides
GDPR Rights and Consent Part 2 of our series on GDPR and its impact on the recruitment industry

GDPR Rights and Consent Part 2 of our series on GDPR and its impact on the recruitment industry

GDPR Rights and Consent Part 2 of our series on GDPR and its impact on the recruitment industry This webinar is provided for information purposes and is NOT intended to be legal advice pertaining to the subject matter. If you have specific

495 views • 35 slides
GDPR General Data Protection Regulation DR. Rafi us Shan, Chief Cyber Security , KP CERC KPITB

GDPR General Data Protection Regulation DR. Rafi us Shan, Chief Cyber Security , KP CERC KPITB

GDPR General Data Protection Regulation DR. Rafi us Shan, Chief Cyber Security , KP CERC KPITB GDPR TIMELINE Definitions GDPR is a set of EU laws that come into affect on May 25th 2018. GDPR rules are designed to give more control over

587 views • 30 slides
GDPR Hacks For O365 3/27/2018 How O365 And Azure Can Help JB Wissma mann nn Organizations Get

GDPR Hacks For O365 3/27/2018 How O365 And Azure Can Help JB Wissma mann nn Organizations Get

GDPR Hacks For O365 3/27/2018 How O365 And Azure Can Help JB Wissma mann nn Organizations Get Compliant Agenda GDPR at a glance What does GDPR mean for IT departments Microsoft and GDPR M365 O365 Azure Dynamics

349 views • 18 slides
GDPR INFORMATION SEMINAR Dun Laoghaire / Rathdown Sports Partnership March 2018 WHY ? 1. GDPR

GDPR INFORMATION SEMINAR Dun Laoghaire / Rathdown Sports Partnership March 2018 WHY ? 1. GDPR

GDPR INFORMATION SEMINAR Dun Laoghaire / Rathdown Sports Partnership March 2018 WHY ? 1. GDPR applies to you because you hold data it does not discriminate on size / profit 2. Deadline to comply 3. Fines 4. Book stops with you ? 5. Piece

1.05k views • 37 slides
Big data and the new EU data protection Regulation The role of Big Data in Healthcare Sophie

Big data and the new EU data protection Regulation The role of Big Data in Healthcare Sophie

Big data and the new EU data protection Regulation The role of Big Data in Healthcare Sophie LOUVEAUX London 14-15 November 2016 Big Data Means Opportunities More Knowledge, Large Computing and Large Availability of Better Personal Data

377 views • 18 slides
The content in this presentation largely derives from work carried out by the UKs Information

The content in this presentation largely derives from work carried out by the UKs Information

The content in this presentation largely derives from work carried out by the UKs Information Commissioners Office THE BIGGEST THREAT TO ORGANISATIONS FROM THE GDPR IS MASSIVE FINES. THE LAW IS NOT ABOUT FINES. ITS ABOUT PUTTING THE

75 views • 7 slides
The presentations schedule Conceptual model of functioning of official statistics

The presentations schedule Conceptual model of functioning of official statistics

The concept of the new organization of statistical surveys Janusz Dygaszew icz Director Programming and Coordination of Statistical Surveys Department CSO Poland Meeting on the Management of Statistical Information Systems Paris, France 23 -

511 views • 15 slides
Data Generation and Disaggregation for Monitoring and Evaluation of SDGs Md. Alamgir Hossen

Data Generation and Disaggregation for Monitoring and Evaluation of SDGs Md. Alamgir Hossen

Action Plan and Methodological Guidelines for Data Generation and Disaggregation for Monitoring and Evaluation of SDGs Md. Alamgir Hossen Deputy Director and Member-Secretary, SDG Cell Bangladesh Bureau of Statistics (BBS) Background Under

284 views • 12 slides
GDPR is here. Is your cyberinsurance ready? By James E. Scheuermann, Esq., Lucas J. Tanglen, Esq.,

GDPR is here. Is your cyberinsurance ready? By James E. Scheuermann, Esq., Lucas J. Tanglen, Esq.,

THOMSON REUTERS GDPR is here. Is your cyberinsurance ready? By James E. Scheuermann, Esq., Lucas J. Tanglen, Esq., and Reymond E. Yammine, Esq., K&L Gates AUGUST 3, 2018 The European Unions General Data Protection Regulation, Violations

320 views • 4 slides
DATA PROTECTION and SCRA www.scra.gov.uk Data Protection Act 1998 (DPA) DPA is the main

DATA PROTECTION and SCRA www.scra.gov.uk Data Protection Act 1998 (DPA) DPA is the main

DATA PROTECTION and SCRA www.scra.gov.uk Data Protection Act 1998 (DPA) DPA is the main legislation in the UK governing information on individuals. It places obligations on organisations that hold and use information on

518 views • 37 slides
GDPR Annual Refresher Training Annual refresher training - intro It is a legal requirement that

GDPR Annual Refresher Training Annual refresher training - intro It is a legal requirement that

GDPR Annual Refresher Training Annual refresher training - intro It is a legal requirement that all staff and volunteers have GDPR refresher training on an annual basis. Logistically, it makes sense to offer refresher training electronically

682 views • 39 slides
Data Protection and Privacy & Impact of Personal Data Protection Bill (PDPB) 1 November, 2019

Data Protection and Privacy & Impact of Personal Data Protection Bill (PDPB) 1 November, 2019

CONSUMER AWARENESS WORKSHOP on Data Protection and Privacy & Impact of Personal Data Protection Bill (PDPB) 1 November, 2019 Kolkata OBJECTIVE Engage with the consumer and civil society organisations (CSOs) in tier II locations to

623 views • 50 slides

More recommend