Make the request for consent noticeable.
GDPR practices for practices, surgeries and therapists.
GDPR is EU law on data protection and privacy for all EU citizens which went into effect May 25, 2018.
Checklist to help you think about how you need to handle clients personal data. Personal data is defined as any information related to a person that can be used to directly identify them. These include anything from a name, photo, email address, bank details, medical information, or even a computer IP address.
Understand your General Data Protection Regulation Compliance Responsibilities.
There are other website legal pages that might be needed check out our website legal pages checklist.
*GDPR ( General Data Protection Regulation)
Make the request for consent noticeable.
Use clear, plain english so easy to understand.
Inform the patient why you need the data and what is going to happen with it.
Give options for consent to different purposes of data use and processing.
Specifically name practice and any other third parties people or businesses who will use thethe data from giving consent.
Inform the patient they can withdraw consent at any time.
Make the process of withdrawal clear and easy
Any withdrawal of consent must happen as soon as possible
Process to regularly review and refresh consent.
Update patients of processing and purposes of data use.
Do not make consent a precondition to service
Do not use pre-ticked boxes