The guidance highlights the changes that the GDPR will introduce compared with current guidelines in health and social care, and provides a checklist that healthcare providers and their supply chain can use to demonstrate compliance with the Regulation.
- New accountability requirements mean organisations must demonstrate compliance with the Regulation. Healthcare providers will be required to keep records of all data processing activities.
- Public authorities, as well as any organisation that processes large amounts of sensitive data, will be required to appoint a data protection officer (DPO).
- Data protection impact assessments (DPIAs) will be required for high-risk data processing.
- In most cases, organisations will not be able to charge for subject access requests (SARs).
- Organisations will need to report data breaches that result in a risk to data subjects to the Information Commissioner’s Office (ICO) within 72 hours.
- The maximum penalty for non-compliance with the GDPR is significantly greater than the ICO can impose under its current powers in the Data Protection Act (DPA).
GDPR training courses
This one-day Foundation-level course provides a comprehensive introduction to the GDPR, and an overview of the implications and legal requirements for organisations, including responding to individuals exercising their data rights, DPIAs and data breach reporting.
This four-day Advanced-level course builds on the GDPR Foundation qualification to equip participants with the knowledge and operational skills to build, implement and manage a compliance programme under the GDPR, and to successfully fulfil the DPO role.
Please note that you must attend the Certified EU GDPR Foundation course and pass the Certified EU GDPR Foundation examination before you can attend the Practitioner course.
Don’t miss our live GDPR Q&A on Valentine’s Day (Wednesday 14 February 2018) at 3:00 pm. IT Governance’s founder and GDPR expert, Alan Calder, will be answering your GDPR-related queries via Twitter. Join the discussion and tweet your thoughts using the hashtag #GDPRJoinTheDiscussion.