Posted by Paul Daniels, Partner
GDPR guidance for community pharmacies
The Pharmaceutical Services Negotiating Committee has published a series of guidance documents to assist community pharmacy contractors in attaining General Data Protection Regulation (GDPR) compliance.
The guidance produced by the PSNC discusses each part of the GDPR legislation and how it will apply to the community pharmacy sector.
PSNC has divided their guidance into the following sections:
- Guidance for Community Pharmacy (Part 1): this should help contractors to understand the GDPR requirements, and it sets out the steps they will need to take to comply.
- Guidance for Community Pharmacy (Part 2): this has been made available to assist with staff training.
- Workbook for Community Pharmacy (Part 3): this contains a set of templates that contractors can use to show that they are meeting all the GDPR requirements.
- FAQs for Community Pharmacy (Part 4): this provides answers to key questions on the GDPR.
To assist contractors in dealing with the legislation going forward, the PSNC has come up with the mnemonic DATAPROTECTED, as a short cut guide to compliance:
- Decide who is responsible
- Action plan
- Think about and record the personal data you process
- Assure your lawful basis for processing
- Process according to data protection principles
- Review and check with your processors
- Obtain consent if you need to
- Tell people about your fair processing notice
- Ensure data security
- Consider personal data breaches
- Think about data subject rights
- Ensure privacy by design
- Data protection impact assessment
PSNC concludes that whilst GDPR brings a new approach to data protection, because of historic good practice, pharmacy teams are already used to managing personal data and are already subject to considerable information governance (IG) requirements.
However PSNC will hold two live webinars in early April where they will talk contractors through the information given in their guidance documents.
Register for the webinars at: psnc.org.uk/webinar
In addition, our dedicated GDPR specialists can help with any advice or queries you have:
0800 923 2073 Email us
Health & Social Care
Part of your trusted team, on hand to provide expert advice