December 2015 Pamela Forde Data protection officer Royal College of Physicians Data privacy The future for the health sector.

Presentation transcript:

December 2015 Pamela Forde Data protection officer Royal College of Physicians Data privacy The future for the health sector

Current UK law on privacy
- Data protection act
- Freedom of Information act
- Environmental information regulation
- Privacy and electronic communications regulations

Current UK health landscape
- GP surgeries – private sector (DPA, PECR)
- NHS – public sector (DPA, EIR, FOIA, PECR)
- Commercial partners for public service delivery – private sector (DPA, PECR, others under contract only)
- HSCIC – NHS hospital care records (exempt from DPA under UK legislation)
- Care data/summary care record?

Care data developments
- The initiative is being trialled in specific areas, prior to a national rollout. When?
- Care.data pathfinders websites:
  - West Hampshire CCG
  - Blackburn with Darwen CCG
  - Somerset CCG
  - Leeds South and East CCG
  - Leeds West CCG
  - Leeds North CCG

EU Regulation, replaces DPA
- Right to be forgotten (medical treatment exemption)
- No more fees for supplying data
- Explicit and informed consent needed
- Data minimisation
- Fewer exemptions for research, must be high public interest
- The data subject owns all data about themself, even if created by others

EU Regulation, replaces DPA
- Right to opt out of profiling
- New focus on the use and exploitation of personal data
- Full processing notices replace annual registration
- Funding will have to come from fines?
- Requirement to notify the regulator for any breach with potentially serious consequences within 72 hours

EU Regulation, replaces DPA
- Applies as written in all territories
- Derogations for national security, employment regulations and research/archive structures
- Strongly recommends data protection officer role
- Additional cross territory reporting and enforcement systems
- More data processor obligations

The RCP position
- We support a single set of rules for all
- We support the requirement to have professional DPOs in more organisations
- We support the focus on data use
- We are concerned about the right to be forgotten regarding health data
- We are concerned about the reduced exemptions for research

Current issues with long term effect
- Europe/USA and Schrems
- Google search results
- Big data analytics
- Commercialisation of personal data

The archives position
- Public records collected and held under state legislation are probably covered
- What else is in the public interest?
- What about private medical organisations, especially those without a direct clinical role?
- What about data minimisation and the right to be forgotten?

How to prepare?
- Review privacy notices and collection statements
- Identify where your data is held in all parts of the lifecycle
- Review contracts with suppliers and partners
- Agree what documentation is covered under private partner service delivery
- Only keep data needed for stated uses