Skip to content
8Fold governance Logo With Text Horizontal
  • DTAC
  • Services
    • DTAC
    • Cyber Security
    • Data Security & Protection (DSPT)
    • Interoperability, Accessibility & Usability
    • Clinical Safety & DCB0129
    • Information Governance
  • About
    • Meet the team
    • Join us
  • News
    • Blog
    • Case Studies
  • Contact
Menu
  • DTAC
  • Services
    • DTAC
    • Cyber Security
    • Data Security & Protection (DSPT)
    • Interoperability, Accessibility & Usability
    • Clinical Safety & DCB0129
    • Information Governance
  • About
    • Meet the team
    • Join us
  • News
    • Blog
    • Case Studies
  • Contact
  • +44 (0)1273 569172

← From our blog

GPDPR: A painful lesson in Transparency…or lack thereof (Part 4)

← From our blog

GPDPR: A painful lesson in Transparency…or lack thereof (Part 4)

GPDPR: An astounding lesson in Transparency Part 2 | 8Fold

This blog is part 4 in a series delving into the GPDPR programme to uncover what went wrong, the lessons that should have been learned from care.data and what you will need to do to meet your obligations for GPDPR.  Links to the other blogs in this series can be found here:

  • Part 1: Lessons from history – where did care.data get it so wrong?
  • Part 2: What lessons can be learned from care.data?
  • Part 3: Where could the GPDPR Programme have improved?

What can those affected by GPDPR do now?

For any organisations which may be impacted by the recent GPDPR, all is not lost!  There are some practical steps organisations can take to try and address the concerns and criticism appearing in the media and circulating around social media:

  1. Signpost members of the public to the NHS Digital information about the GPDPR
  2. Make sure front line staff are aware of the existence of Type 1 Opt Outs and the National Data Opt Out, and understand the difference between the two (although in practice, individuals will often want to opt out of everything meaning they will need to apply both opt outs).

For any organisations that may be planning projects involving personal data, particularly healthcare data, make sure the following form part of your project plan:

  1. Scope your project carefully to determine:
    1. What data you will collect (and whether it meet the definition of ‘personal data’ – remember, data which is ‘de-identified’ may still be considered personal data so don’t make the mistake of thinking you’re dealing with anonymised data when you aren’t)
    2. Where the data will be obtained from (particularly if data collected for one purpose is going to to be repurposed for something different or new)
    3. What purposes any data will be used for
    4. Who any data might be shared with or made available to (both within your organisation and outside)
  2. Use the DPIA process to assess the aims, scope and proposed approach – do this before any decisions have been made about what you will do or how you will do it so you can respond in an agile way.
  3. Prepare to be transparent with individuals and assume that you will need to earn their trust – this may include engaging with people at an early stage and responding to their feedback, publishing your DPIA and communicating your plans.  If you think people might react badly to what you are planning to do, consider why this might be and what you might be able to do differently.
  4. Consult with as many people as possible to test your assumptions – most importantly, don’t forget to engage with the most important group: the data subjects whose data you will be collecting and using.
  5. Consider what choices people will have around the use of their data and how they can effectively exercise these.
  6. Communicate effectively with people – think about the best ways to communicate with different groups and plan to use a variety of methods.  Don’t make the mistake of thinking an update to your website will necessarily be sufficient!

How can 8fold help?

At 8foldGovernance we help you to resolve any potential barriers around the implementation of GPDPR, DCB0129 or any other data protection standards including the Digital Technology Assessment Criteria (DTAC). We will support you to better identify and analyse any problems in your workflow, understand the local architecture and select appropriate solutions that stand the greatest chance of achieving success. It’s what we do. 

From planning prototypes, to medical device certification, governance, cyber security and marketing, we’ve got you covered. Contact us today for a free no-obligation chat to find out more about how we can help resolve your IG barriers, or help bring your innovation to market and achieve success.

Find out more about Our Services.

Do you meet the statutory requirements under DCB0129?

Ensure that clinical safety is a core practice for your organisation and that the statutory requirements for health IT in the UK (DCB0129) are met, including having a named clinical safety officer. To find out how we can help, contact us for a no-obligation call. We’ll help you to understand what your obligations are and also what needs to be done to ensure that you are compliant with the mandatory requirements.

Adam Spinks

Adam Spinks

Adam is a specialist information governance lead and has worked extensively for NHS trusts, CCG’s, private healthcare providers and digital health technology companies. He has extensive knowledge of data protection and privacy law, information risk management, data flow mapping and is expert in the practical application of data protection impact assessments (DPIA) and information sharing agreements (ISA). He is an expert communicator and trusted advisor in the industry.

Published:

  • July 3, 2021

Posted In:

  • GPDPR

SHARE THIS POST

Facebook-f Twitter Linkedin-in Envelope

Book your free, no-obligation discovery call with our experts.

If you need for support with any of your information governance and compliance needs including, DTAC, DSP Toolkit and Clinical Safety (DCB0129 and DCB0160), please get in touch for quick no obligation chat.

Book your call now
Book your call now

Other articles

History Lesson in Compliance

A Quick History Lesson in Health & Care Compliance

Read article →
Insource DTAC case study

Case Study: Insource – The route to DTAC compliance

Read article →
What is Clinical Safety?

What is Clinical Safety?

Read article →
8fold Zen Logo

+44 (0) 1273 569172

info@8foldgovernance.com

DTAC SERVICES

  • Full DTAC Support
  • Information Governance
  • Clinical Safety
  • Data Security & Protection
  • Interoperability, Accessibility & Usability
  • Cyber Security

LINKS

  • About
  • News
  • Join Us
  • Case Studies
  • Contact
  • Charity Work
DSPT Data Security And protection Toolkit 8Fold
Information Governance Badge 8 Fold
8 fold governance net promoter score
The Green Web Foundation Score 8fold governance
Cyber Essentials Trademark
B1G1 Logo

 Privacy Policy | Cookie Policy | Terms & Conditions

© 2023 8Fold
8Fold governance Teal Zen logo

+44 (0) 1273 569172

info@8foldgovernance.com

DTAC SERVICES

  • Full DTAC Support
  • Information Governance
  • Interoperability, Accessibility & Usability
  • Clinical Safety Data
  • Security & Protection
  • Cyber Security

LINKS

  • About
  • News
  • Case Studies
  • Contact
Cyber Essentials Trademark
Green Wen Foundation 8Fold
8Fold Net Promoter Score

Customer

Satisfaction

Rating

B1G1 Logo

 Privacy Policy | Cookie Policy | Terms & Conditions

© 2023 8Fold
X We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies. However you may visit Cookie Settings to provide a controlled consent.
Read More ACCEPT Cookie settings
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
Save & Accept