10% Discount for online bookings
Email us or call 01932 429933
Fax 0208 181 6491
Twitter @SCUK_Kerry @SCUK_Kerry

Information Governance in Health and Social Care: GDPR

Dawn Monaghan opens the conference

News and updates from today’s conference focusing on Information Governance in Health and Social Care, ensuring demonstrable compliance with the new General Data Protection Regulation (GDPR) which comes into force in May 2018 and replaces the Data Protection Directive (1995). 

“The GDPR, which was approved in 2016 and comes into force on 25th May 2018 will be directly applicable as law in the UK. It will replace the Directive that is the basis for the UK Data Protection Act 1998, which will be repealed or amended. It is expected that the provisions of the GDPR will remain in force post-Brexit, and for the foreseeable future… Organisations must be able to demonstrate compliance.” 
“By establishing or adjusting governance arrangements to comply with the GDPR, organisations will be confident not only that they are respecting the law and data subjects’ rights but also that they are mitigating risk appropriately and have a defence in the event of a breach. Under the GDPR, the fines available are significantly increased and may be imposed for any infringement of the Regulation, not just data security breaches.”
Information Governance Alliance 2017 

The new requirements include key changes for health organisations and arm's-length bodies. From May 2018: 
• organisations will have to show how they've complied with the new law 
• penalties will be significantly increased for any breach of the regulation - not just data breaches 
• security breach notifications will be a legal requirement - to be notified within 72 hours 
• charges will be removed in most cases for provision of records to patients or staff who request them 
• trusts will be required to keep records of data processing activities 
• high risk processing will require a data protection impact assessment 
• data protection issues must be addressed in all information processes 
• there will be specific requirements for transparency and fair processing 
NHS Employers 2017

GDPR: Implications in Health & Social Care
Dawn Monaghan
, Chair, Health and Social Care Working Group on GDPR, and Head of Data Sharing and Privacy, NHS England

In her presentation Dawn covered:

  • GDPR: are you ready? 
  • guidance – what’s new and what needs to be in place by May 2018 
  • key considerations for Caldicott Guardians and information governance leads 
  • what is likely to have the greatest impact on your organisation 
  • raising awareness in your organisation


Dawn talked about what exactly would happen on the 25th May 2018. She also covered the publication schedule and the guides available. She talked about  Article 40 Codes of Contact which everyone is waiting for and will cover all the processes involved.

Full PowerPoint Presentation

How to ensure demonstrable compliance with the GDPR in practice
Iain Harrison, 
Information Governance Manager, Leicester City Council

In his presentation Iain covered:

  • how to comply with the GDPR in practice 
  • considering the personal information you hold: demonstrating and understanding the personal data you are holding and using 
  • data flows and data sharing 
  • communicating privacy information 
  • enhancing the rights for individuals to control data in an online world 
  • subject access requests 
  • issues around the processing of children’s personal data 
  • self assessment and planning: interactive exercise and discussion

Full PowerPoint Presentation

Future related events:

Caldicott Guardian Training Course
Friday 16 March 2018, De Vere West One Conference Centre, London


Caldicott Guardian Training Course
Friday 27 April 2018, De Vere West One Conference Centre, London


Caldicott Guardian Training Course
Friday 25 May 2018, De Vere West One Conference Centre, London


Information Governance NHS Summit 2018: Ensuring Compliance with GDPR in Health and Social care
Friday 8 June 2018, De Vere W1 Conference Centre, London


22 February 2018

Designed and hosted by Canterbury Web Services Limited