{"id":3657,"date":"2018-05-16T09:49:44","date_gmt":"2018-05-16T09:49:44","guid":{"rendered":"http:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/?p=3657"},"modified":"2018-06-18T10:57:44","modified_gmt":"2018-06-18T10:57:44","slug":"gdpr-care-sector","status":"publish","type":"post","link":"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/news\/gdpr-care-sector\/","title":{"rendered":"GDPR in the Care sector \u2013 what you need to know"},"content":{"rendered":"<p>On 25th May, the rules around how organisations keep and use data is changing. At McClarrons, we\u2019ve pulled together an overview of what the rules are, and how you can stay compliant.<\/p>\n<p>The new General Data Protection Regulation (GDPR) is an EU rule which will replace the Data Protection Act of 1998 from 25th May. Britain\u2019s exit from the EU will not affect the changes, which have been brought about to give people greater control over their information and how it is stored and used by all types of organisations, including those in the care sector.<\/p>\n<p>As care and nursing homes are more likely to hold sensitive data, it\u2019s especially important that care organisations take note of what GDPR means for them, as a breach could have a notable impact on those whose data has been left vulnerable.<\/p>\n<p>Any fines or investigation from the Independent Commissioners Office (ICO) are dependent on the severity of the breach, and it\u2019s up to you to keep people\u2019s information safe.<\/p>\n<p>Organisations which fail to comply with GDPR risk fines of up to \u20ac20 million or 4% of annual turnover, whichever is greater, for the most serious breaches.<\/p>\n<p><strong>What does GDPR say about data?<\/strong><\/p>\n<p>The principles of the new regulation say that personal data held by organisations should be:<\/p>\n<ul>\n<li>Processed lawfully, fairly and in a transparent manner<\/li>\n<li>Collected for specified, explicit and legitimate purposes<\/li>\n<li>Adequate, relevant and limited to what is necessary<\/li>\n<li>Accurate and, where necessary, kept up-to-date<\/li>\n<li>Kept in a form which permits identification of data subjects for no longer than is necessary<\/li>\n<li>Processed in a manner that ensures appropriate security<\/li>\n<\/ul>\n<p><strong>How to stay compliant<\/strong><\/p>\n<p>Familiarise yourself with the data you currently hold \u2013 You need to review what personal data you currently hold, why you have it, and how you obtained it. These new rules as stated above allow you to communicate information which is essential to the provision of your service.<\/p>\n<p>If you want to continue to send marketing communications, you\u2019ll need to ensure that contacts have actively \u201copted in\u201d to phone calls, emails, letters or texts.<\/p>\n<p><strong>Focus on security<\/strong> \u2013 Encryption sits high on the GDPR agenda as this greatly reduces the likelihood of leaving data vulnerable to exposure. If you demonstrate that prudent measures have been taken to protect the data you hold, including encryption, staff education and anti-virus software, you\u2019re less likely to incur a penalty if there is a breach.<\/p>\n<p><strong>Be aware of new rights<\/strong> \u2013 Be prepared for the fact that individuals have more rights when it comes to accessing the data you hold on them and asking for it to be removed. One of the differences between GDPR and the Data Protection Act is that there are no fees for individuals to pay when making a data request.<\/p>\n<p><strong>Understand what represents a breach<\/strong> \u2013 A breach goes beyond losing someone\u2019s personal data or leaving their information vulnerable to hackers. It can also relate to unauthorised access or disclosure, loss or complete destruction, and alteration.<\/p>\n<p>Depending on the repercussions, such an incident could be classed as a \u201cserious breach\u201d, and would, therefore, need to be reported to the ICO within 72 hours. An example might be an event which leads to lost medical notes.<\/p>\n<p>A minor may refer to an instance where data hasn\u2019t been compromised (such as sending an email to the wrong person) and so wouldn\u2019t need to be reported.<\/p>\n<p><strong>Update your privacy notices<\/strong> \u2013 Your website privacy notices explain the legalities around your need to process data. As there will be greater restrictions on why you hold personal data and for how long, these privacy notices will need to go into much greater detail, but still be easy to understand for your customers.<\/p>\n<p>Under the new GDPR, information within your website privacy notice should include:<\/p>\n<ul>\n<li>Why you\u2019re processing the data in the first place from a legal perspective<\/li>\n<li>Who you may be sending it to<\/li>\n<li>How long you\u2019re holding it for and what determines this period<\/li>\n<li>A reminder of the data subjects rights<\/li>\n<\/ul>\n<p><strong>Do you need a data protection officer (DPO)? &#8211; <\/strong>Organisations with over 250 employees dealing with sensitive data will need to appoint a data protection officer, to monitor or process sensitive data.<\/p>\n<p>If you have fewer than 250 employees, you will need to document instances of high-risk processing.<\/p>\n<p>To discuss your responsibilities and how insurance can support you in the face of regulatory action, get in touch with the care team at McClarrons. Call 01653 697055 or email <a href=\"mailto:care@networkportfolio.co.uk\/mcclarroninsurance.com\">care@networkportfolio.co.uk\/mcclarroninsurance.com<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>On 25th May, the rules around how organisations keep and use data is changing. At McClarrons, we\u2019ve pulled together an overview of what the rules are, and how you can stay compliant. The new General Data Protection Regulation (GDPR) is an EU rule which will replace the Data Protection Act of 1998 from 25th May. [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":3693,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[4],"tags":[618,619,620,621,622,608,402,336,458,52,315],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v16.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>GDPR in the Care Sector - what you need to know<\/title>\n<meta name=\"description\" content=\"With GDPR coming into force on 25th May, in our latest blog post, we take a look at what Care organisations need to consider to ensure they are compliant and protecting service users&#039; data sufficiently.\" \/>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"GDPR in the Care Sector - what you need to know\" \/>\n<meta property=\"og:description\" content=\"With GDPR coming into force on 25th May, in our latest blog post, we take a look at what Care organisations need to consider to ensure they are compliant and protecting service users&#039; data sufficiently.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/news\/gdpr-care-sector\/\" \/>\n<meta property=\"og:site_name\" content=\"McClarrons Insurance\" \/>\n<meta property=\"article:published_time\" content=\"2018-05-16T09:49:44+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2018-06-18T10:57:44+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/wp-content\/uploads\/2018\/05\/GDPR-in-Care1920x700.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"700\" \/>\n<meta name=\"twitter:card\" content=\"summary\" \/>\n<meta name=\"twitter:label1\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/#website\",\"url\":\"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/\",\"name\":\"McClarrons Insurance\",\"description\":\"McClarrons Insurance\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-GB\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/news\/gdpr-care-sector\/#primaryimage\",\"inLanguage\":\"en-GB\",\"url\":\"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/wp-content\/uploads\/2018\/05\/GDPR-in-Care1920x700.jpg\",\"contentUrl\":\"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/wp-content\/uploads\/2018\/05\/GDPR-in-Care1920x700.jpg\",\"width\":1920,\"height\":700},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/news\/gdpr-care-sector\/#webpage\",\"url\":\"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/news\/gdpr-care-sector\/\",\"name\":\"GDPR in the Care Sector - what you need to know\",\"isPartOf\":{\"@id\":\"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/news\/gdpr-care-sector\/#primaryimage\"},\"datePublished\":\"2018-05-16T09:49:44+00:00\",\"dateModified\":\"2018-06-18T10:57:44+00:00\",\"author\":{\"@id\":\"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/#\/schema\/person\/d8d89e678fefe9da69ea092464112dac\"},\"description\":\"With GDPR coming into force on 25th May, in our latest blog post, we take a look at what Care organisations need to consider to ensure they are compliant and protecting service users' data sufficiently.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/news\/gdpr-care-sector\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/news\/gdpr-care-sector\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/news\/gdpr-care-sector\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"GDPR in the Care sector \\u2013 what you need to know\"}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/#\/schema\/person\/d8d89e678fefe9da69ea092464112dac\",\"name\":\"Emily Andrews\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/#personlogo\",\"inLanguage\":\"en-GB\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/3346eee23751744fca4c9a5253c9398b?s=96&d=blank&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/3346eee23751744fca4c9a5253c9398b?s=96&d=blank&r=g\",\"caption\":\"Emily Andrews\"},\"url\":\"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/news\/author\/emily-andrews\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","_links":{"self":[{"href":"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/wp-json\/wp\/v2\/posts\/3657"}],"collection":[{"href":"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/wp-json\/wp\/v2\/comments?post=3657"}],"version-history":[{"count":2,"href":"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/wp-json\/wp\/v2\/posts\/3657\/revisions"}],"predecessor-version":[{"id":3792,"href":"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/wp-json\/wp\/v2\/posts\/3657\/revisions\/3792"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/wp-json\/wp\/v2\/media\/3693"}],"wp:attachment":[{"href":"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/wp-json\/wp\/v2\/media?parent=3657"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/wp-json\/wp\/v2\/categories?post=3657"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.networkportfolio.co.uk\/mcclarroninsurance.com\/wp-json\/wp\/v2\/tags?post=3657"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}