With QOF out the way, it’s time to start thinking about the General Data Protection Regulation (GDPR) which will be upon us in just five weeks’ time! We wanted to share something that specifically relates to the impact and implications that the GDPR will have for GP Surgeries and Practice Managers.
What is the GDPR?
In short, the General Data Protection Regulation (GDPR) is a European legislation which will be implemented across the EU on Friday 25th May 2018. This will replace the Data Protection Act (DPA) and is the first major update to how businesses process data since 1998. As such, it needs to be considered by all medical practices in its entirety – you must show and justify that all your systems are compliant.
What does the GDPR mean for Practice Managers?
We found that Practice Index have collated a pool of resources titled “GDPR – What’s available to Practice Managers?”. This collection of useful information is focussed for GP Surgeries, particularly Practice Managers, but may be of interest to other practice staff too.
They also offer a five-star-rated FREE GDPR training course exclusively for Practice Index PLUS members. Standard membership is free but you must use your NHS email address.
What else is there?
Further guidance and reading around the subject can be found here:
- NHS Digital and the GDPR
- Practice Business: What will GDPR mean in (general) practice?
- First Practice Management: GDPR: What Practice Managers need to know?
Is my telephony GDPR compliant?
There is nothing about the telephone system itself that is impacted by the GDPR principles, however, the following outlines our understanding of the impact specifically relating to Call Recording. You should always take advice for your organisation from an appropriate body or the Information Commissioner’s Office.
Can I still record calls?
You may still record your calls but you should be informing your callers that their conversation will be recorded and provide them with the legal grounds on which you intend to process their recorded call data. Otherwise, you will need to give them an option to not have their call recorded.
For that reason, you will need to rethink your auto-attendant message for inbound calls. We can support you in re-recording your messages once you have taken advice, agreed the lawful basis on which you will be recording calls and finalised your script. This service starts at £45, dependent on requirements and system configuration.
If you intend to record outbound calls, you may benefit from providing your staff with a script for advising patients that those calls are being recorded.
Call Recording hardware and software
Our Call Recording hardware and software (CommSoft) voice recording is 128 bit encrypted and provides secure user password protected logon access control. Recordings can be quickly located using multiple search criteria (phone number, date, time etc.) to ensure GDPR requirements for Right to Access, Right to be Forgotten and Data Portability can be complied with.
We hope you find this useful and can make the necessary preparations in time.