Search our news, events & opinions

GDPR guidance for community pharmacies

Author headshot image Posted by , Partner

The Pharmaceutical Services Negotiating Committee has published a series of guidance documents to assist community pharmacy contractors in attaining General Data Protection Regulation (GDPR) compliance.

The guidance produced by the PSNC discusses each part of the GDPR legislation and how it will apply to the community pharmacy sector.

PSNC has divided their guidance into the following sections:

  • Guidance for Community Pharmacy (Part 1): this should help contractors to understand the GDPR requirements, and it sets out the steps they will need to take to comply.
  • Guidance for Community Pharmacy (Part 2): this has been made available to assist with staff training.
  • Workbook for Community Pharmacy (Part 3): this contains a set of templates that contractors can use to show that they are meeting all the GDPR requirements.
  • FAQs for Community Pharmacy (Part 4): this provides answers to key questions on the GDPR.


To assist contractors in dealing with the legislation going forward, the PSNC has come up with the mnemonic DATAPROTECTED, as a short cut guide to compliance:

  • Decide who is responsible
  • Action plan
  • Think about and record the personal data you process
  • Assure your lawful basis for processing
  • Process according to data protection principles
  • Review and check with your processors
  • Obtain consent if you need to
  • Tell people about your fair processing notice
  • Ensure data security
  • Consider personal data breaches
  • Think about data subject rights
  • Ensure privacy by design
  • Data protection impact assessment

Next Steps

PSNC concludes that whilst GDPR brings a new approach to data protection, because of historic good practice, pharmacy teams are already used to managing personal data and are already subject to considerable information governance (IG) requirements.

However PSNC will hold two live webinars in early April where they will talk contractors through the information given in their guidance documents.

Register for the webinars at:

In addition, our dedicated GDPR specialists can help with any advice or queries you have:

0800 923 2073     Email

Leave a comment

Thank you for choosing to leave a comment. Please keep in mind that comments are moderated and please do not use a spammy keyword or a domain as your name or it will be deleted.




Health & Social Care

Part of your trusted team, on hand to provide expert advice

Learn more


T: 01225 730 141 (DDI)

Search our news, events & opinions