GDPR Practices / Surgeries / Therapy Checklist
GDPR practices for practices, surgeries and therapists.
GDPR is the EU law on data protection and privacy for all EU citizens. It went into effect on May 25, 2018.
This checklist helps you think about how you need to handle clients' personal data. Personal data is defined as any information related to a person that can be used to directly identify them. This includes anything from a name, photo, email address, bank details, medical information, or even a computer IP address.
Understand your General Data Protection Regulation Compliance Responsibilities.
Other website legal pages might also be needed; check out our website legal pages checklist.
*GDPR (General Data Protection Regulation)
GDPR Practices Checklist
Make the request for consent noticeable.
Easy to Understand
Use clear, plain English that is easy to understand.
Inform the patient why you need the data and what is going to happen with it.
Give options for consent to different purposes of data use and processing.
Who Has Access
Specifically name the practice and any third parties (people or businesses) who will use the data once consent is given.
Withdrawal of Consent
Inform the patient they can withdraw consent at any time.
Process of Withdrawal
Make the process of withdrawal clear and easy.
Any withdrawal of consent must happen as soon as possible.
Process to regularly review and refresh consent.
Update patients of processing and purposes of data use.
Not Condition of Service
Do not make consent a precondition to service.
Do not use pre-ticked boxes.