With QOF out the way, it’s time to start thinking about the General Data Protection Regulation (GDPR) which will be upon us in just five weeks’ time! We wanted to share something that specifically relates to the impact and implications that the GDPR will have for GP Surgeries and Practice Managers.


What is the GDPR?

In short, the General Data Protection Regulation (GDPR) is a European legislation which will be implemented across the EU on Friday 25th May 2018. This will replace the Data Protection Act (DPA) and is the first major update to how businesses process data since 1998. As such, it needs to be considered by all medical practices in its entirety – you must show and justify that all your systems are compliant.


What does the GDPR mean for Practice Managers?

We found that Practice Index have collated a pool of resources titled “GDPR – What’s available to Practice Managers?”. This collection of useful information is focussed for GP Surgeries, particularly Practice Managers, but may be of interest to other practice staff too.

They also offer a five-star-rated FREE GDPR training course exclusively for Practice Index PLUS members. Standard membership is free but you must use your NHS email address.


What else is there?

The official EU GDPR Portal contains the particulars of the regulation as well as some really useful FAQs.

Further guidance and reading around the subject can be found here:


Is my telephony GDPR compliant?

There is nothing about the telephone system itself that is impacted by the GDPR principles, however, the following outlines our understanding of the impact specifically relating to Call Recording. You should always take advice for your organisation from an appropriate body or the Information Commissioner’s Office.


Can I still record calls?

You may still record your calls but you should be informing your callers that their conversation will be recorded and provide them with the legal grounds on which you intend to process their recorded call data. Otherwise, you will need to give them an option to not have their call recorded.

For that reason, you will need to rethink your auto-attendant message for inbound calls. We can support you in re-recording your messages once you have taken advice, agreed the lawful basis on which you will be recording calls and finalised your script. This service starts at £45, dependent on requirements and system configuration.

If you intend to record outbound calls, you may benefit from providing your staff with a script for advising patients that those calls are being recorded.


Call Recording hardware and software

We have advice about our Call Recording solution within our Maintenance Policy. For your information, Premier Choice have also put in place separate system security and access processes to differentiate between you accessing your call recorder and us accessing it remotely so that you can be confident of what we are doing on your behalf and/or request. We also cover call recording and how we use data in our revised T&Cs and Privacy Policy.

Our Call Recording hardware and software (CommSoft) voice recording is 128 bit encrypted and provides secure user password protected logon access control. Recordings can be quickly located using multiple search criteria (phone number, date, time etc.) to ensure GDPR requirements for Right to Access, Right to be Forgotten and Data Portability can be complied with.


If you’d like to know more about what Premier Choice Group is doing to ensure GDPR compliance, please see our Privacy Policy.


If you are in doubt about your GDPR commitments please seek guidance from the NHS or the Information Commissioner’s Office.


We hope you find this useful and can make the necessary preparations in time.

Topics covered in this post
| | |