- Do you have a question for us on Information Governance or General Data Protection regulation
- Contact Steve Turner 07931 919 330 voice, text, WhatsApp.
Click on the link below this image for COVID-19 Resources
Learning materials for all staff
The video below lists actions that have been completed for Integro Pharmacy.
When you must share information between organisations . Myth Buster.
Blogs for Staff and your customers
FEQUENTLY ASKED QUESTIONS:
Who do I call for help if I need immediate advice and you’re not around?
For information on data breaches NHS Data Security Centre: 0300 303 5222
Information on GDPR for small business from the Information Commissioner’s Office: [ICO] 0303 123 1113
Data Security and Protection Toolkit inquiries helpdesk : 0300 303 4034
Can I use WhatsApp to share patient information?
No. WhatsApp and (at present) all instant messaging systems are not GDPR compliant.
Is the Data Protection Officer personally responsible for GDPR beaches?
Do we have to ask for consent now from all our customers?
How do I report a personal data breach?
Steps to follow:
- Ensure the person reporting the incident is the ‘data subject’ (that’s the person
who’sprivacy has been breached) or someoneto talk on their behalf. authorised
- Inform them that you need to take down details of the incident,
and tell them that youwill then pass this on to the General Data Protection Lead, Steve Turner.
- Involve your Pharmacy Superintendent Pharmacist or the Pharmacist on duty.
- Fill out an incident form.
- Check if there are any immediate risks that need managing and take appropriate actions (discuss this with colleagues).
- Contact Data Protection Lead Steve Turner (if you haven’t already) on 07931 919 330
- Steve will handle the incident from this point onwards.
What needs to be done if somebody asks for a copy of their own data, or to change their data?
If somebody asks for a copy of their data, most often a repeat prescription slip covers their requirement.
If there is a mistake in someone’s data (e.g. data of birth, address, etc) correct it as before.
For anything more complicated, or if you are concerned, refer it to me 07931 919 330.
Please note under the legal basis for most Community Pharmacy work patients /customers are not entitled to have their personal data deleted. Again if this comes up refer them to me.
What are the most essential things we need to do to be #GDPR compliant?
- Appoint a Data Protection Officer
- Document the legal basis for processing (it’s covered in the PSNC GDPR Workbook)
- Make a ‘Privacy Statement’ available to customers
- To be compliant with Information Governance (The NHS Data Protection and Security Toolkit)
- To have contracts with ‘processors’ who are GDPR compliant
As a Community Pharmacy we are classed as a ‘Controller’ under #GDPR, what does that mean?
- A controller determines the purposes and means of processing personal data.
- A processor is responsible for processing personal data on behalf of a controller.
Can fax machines still be used under GDPR?
Yes. Your eFAX system is GDPR compliant.
Do you have a question for us on Information Governance or General Data Protection regulation ? Contact Steve Turner 07931 199 330 voice, text, WhatsApp.
There have been a number of fake officials taking advantage or worries around new rules to extort information. So to ensure transparency here’s a picture of me:
When I ‘phone (normally from 07931 919 330) I will also ask if you would like to verify my identity before speaking to me.
My date of birth is 12/08/1954. Postcode PL25 5EA.
Any questions? Call me on 07931 919 330 or email firstname.lastname@example.org
Page last updated: 14.05.2020
Author: Steve Turner
14.05.2020 – Updates for 2020 /2021 commenced.