Ensure that everyone in your practice is aware that data protection requirements are changing and what is needed to comply with these changes (see Data Protection, Confidentiality and Information Security Policy May 2018 template (Word)).

  Review your practice risk management processes and record the outcome of this.

  • Policies and procedures within the practice may need to be updated to reflect the requirements of the General Data Protection Regulations (GDPR) and you should ensure that staff are aware of and implement these changes.

This interim advice is based on resources from the Information Commissioner’s Office (ICO) website. Although every effort has been made to ensure the accuracy of this advice, SDCEP takes no responsibility for inaccuracies or omissions and does not accept responsibility for any loss, damage or expense resulting from the use of this information. Further advice on complying with GDPR can be found on the ICO website and via the EU GDPR learning resource. Your indemnity organisation may also provide information and resources to help you comply and be able to advise you regarding particular issues that may arise from GDPR implementation.