{{ item.label }}: {{ item.title }}

Responding to Subject Access Requests for Health & Social Care

Training dates throughout the year:

Thu, 30 May 2024
Virtual, Online 		Virtual, Online
Tue, 16 Jul 2024
Virtual, Online 		Virtual, Online
Tue, 24 Sep 2024
Virtual, Online 		Virtual, Online
Download brochure

This practical workshop, facilitated by Barry Moult, a former Head of Information Governance for an NHS Trust, will look at managing Subject Access Requests and what you need to consider to comply with legislation and upholding individuals rights to access personal and sensitive information held about them. This will enable delegates to look at case studies and have the confidence to respond to requests.

“The right of individuals to access information that organisations hold on them is one that is vital for transparency, and is enshrined in law. What we’re seeing now is that many employers are misunderstanding the nature of subject access requests, or underestimating the importance of responding to requests. For example, employers may be unaware that requests can be submitted informally, such as over social media, or do not have to contain the words ‘subject access request’ in order to qualify as a legally binding request. Similarly, employers may not realise that there is a strict time frame for responding to requests, and this must be kept to.”

Elanor McCombe, Policy Group Manager at the Information Commissioner’s Office

In 2018 both the General Data Protection Regulation and a new Data Protection Act were introduced in the UK, requiring health and social care bodies, by the nature of their work, to respond to Subject Access requests.  There is, to a certain extent, relatively clear guidance in the legislation as to what this requires organisations to do. This course, however, facilitated by an experienced Information Governance & Health Records Manager, undertakes to highlight how to practically implement the requirements, introducing a practical approach to Subject Access Requests.

Within Health and Social Care (inc. third sector); Data Protection Officers, Deputy Data Protection Officers, Information Governance Professionals and Line Managers of any of the above should attend this masterclass.

In May 2023, the ICO published a new guide on responding to subject access requests Read in full here

Key Learning Objectives include understanding:

  • Background and Legal Basis

  • Definitions

  • Working with others in the organisation: Information Asset Owners, Health Records Manager, Data Protection Officer, Caldicott Guardian, Senior Information Risk Owner

  • How to Manage a Subject Access Request: Identifying a valid request, Excessive & Unfounded request, Locating the information requested, Collating, Redacting & Disclosure, Exemptions 

  • Requests from 3rd Parties: Solicitors, Insurance Companies, Police, Others, Requests from Staff

  • Complaints

  • Complex requests - Case studies

  • Information Commissioners Office - Audits and Enforcement

Facilitated by:

Mr Barry Moult

Information Governance Consultant
BJM IG Privacy Ltd

In-house Training

This course can be held at your organisation for up 25 delegates, we can tailor the content to suit your organisation and CPD needs of your staff. Led by experienced and highly rated trainers, in-house training works out cost-effective for groups and saves travel time.

Enquire
Contact katym@hc-uk.org.uk with your requirements for further information and a quote.

In-house Training

Fee Options

Virtual NHS, Schools, Care and Public Sector

£295.00

(£354.00)

(Prices in brackets include VAT)

Discounts

Additional delegate discount:

A discount of 15% will be applied to fees for any extra delegates.

Online discount:

A discount of 10% will be applied if you pay using the website.

Also of Interest

Information Governance Leads: What You Need to Know
Fri, 10 May 2024
The Caldicott Guardian National Annual Conference 2024
Tue, 21 May 2024
Hallam Conference Centre, London
Working Together: Combined course for Senior information Risk Owners, Caldicott Guardians and Data Protection Officers: Half day
Choice of dates
Data Protection Officer in Health and Social Care: What Good Looks Like
Fri, 13 Sep 2024
Data Protection Impact Assessments in Health and Social Care
Choice of dates
Data Protection & UK GDPR Compliance in the Care & Care Home Sector
Choice of dates
Masterclass: Developing your role as a Senior Information Risk Owner SIRO
Choice of dates
Caldicott Guardian Training Course
Choice of dates
Caldicott Guardian Refresher Masterclass
Choice of dates
Information Governance Leads: What You Need to Know
Fri, 10 May 2024
The Caldicott Guardian National Annual Conference 2024
Tue, 21 May 2024
Hallam Conference Centre, London
Working Together: Combined course for Senior information Risk Owners, Caldicott Guardians and Data Protection Officers: Half day
Choice of dates
Data Protection Officer in Health and Social Care: What Good Looks Like
Fri, 13 Sep 2024
Data Protection Impact Assessments in Health and Social Care
Choice of dates
Data Protection & UK GDPR Compliance in the Care & Care Home Sector
Choice of dates
Masterclass: Developing your role as a Senior Information Risk Owner SIRO
Choice of dates
Caldicott Guardian Training Course
Choice of dates
Caldicott Guardian Refresher Masterclass
Choice of dates

Supporting Organisations

Browser unsupported

You’re using an unsupported browser.

This website uses the latest web technology and your browser doesn't support those technologies at this time.

Please update to Chrome, Firefox, Edge or Safari (on Mac) to view the full experience.

Your privacy

This website uses cookies and similar technologies to better understand your needs, improve the website experience and personalise ads.

Read privacy policy Manage your cookie settings

Allow cookies & close