Health and Social Care

The area of health and social care has always been subject to a lot of regulation. This can make it extremely difficult to implement any compliance with updated data protection legislation. The demands on providers of health and care services in respect of privacy and security of information have never been higher. At the same time, technology and a desire for a more integrated approach to care means that our sensitive health information needs to be shared with an array of service providers.

The recent Data Protection Act 2018 and the GDPR mean that many services such as optometrists and dentists now need to appoint a Data Protection Officer (a DPO). Housing associations and care homes are likely to follow suit as well (some already require the appointment of a DPO). This would seem straightforward but for the rules of who can be a DPO for an organisation – they cannot generally be any of the senior managers or anyone who makes decisions on how data is used. The DPO also needs to have expert knowledge of data protection law.

We can provide this service for you. We understand the language of health and care, and we have a good understanding of the many regulations and guidance that govern the use of data within the sector.

Here is some of the extra legislation and guidance that we consult:

  • CQC Code of Practice on Confidential Personal Information
  • The Care Act 2014
  • The Health and Social Care act 2012
  • The National Health Service Act 1977
  • The NHS Reform and Health Care Professions Act 2002
  • The Public Health (Control of Disease) Act 1984
  • The Public Health (Infectious Diseases) Regulation 1988
  • The Housing Act 1998
  • The Protection of Freedoms Act 2012
  • NHS Confidentiality Code of Practice
  • IGA Records Management Guide
  • UK Caldicott Guardian Council
  • The Health and Social Care (Safety and Quality) Act 2015

If your organisation needs a DPO, or if you're not sure, then please feel free to contact us to discuss how we can help put your mind at rest.