This guidance explains GP data controllers' responsibilities under the GDPR, and sets out the main themes of the legislation and what needs to be done to ensure compliance.
What you'll get from this guide
- Identifying the GDPR lawful bases for processing health data
- How to meet requirements for transparency and accountability
- How to deal with requests for confidential health data
How to use this guide
The guidance should be read alongside the UK Data Protection Act 2018. It applies to both doctors working in private practice and the NHS.