**PLEASE NOTE: This event is now fully booked**
The EU General Data Protection Regulation (GDPR) comes into effect in the UK and across Europe on 25 May 2018. The GDPR, which represents the most significant reform of data protection laws for twenty years, will have implications for organisations across all sectors that collect and process personal data. Given that the health and social care industry both generate and utilise vast quantities of data in their daily operations, the introduction of the GDPR will be an incredibly important development. There are huge opportunities in healthcare for data to be used to improve diagnosis and treatment. However, given the sensitive nature of the data involved it is crucial that it is properly protected. Previous data breaches and data sharing arrangements in the health sector have highlighted the public’s concern about how their personal healthcare information is used and so the GDPR will be incredibly pertinent in addressing those concerns.
The GDPR introduces new rights for citizens and considerable new obligations on both data controllers and processors. The focus on accountability and transparency, which are both running themes throughout the regulation, aims to provide citizens with far greater control over how their personal information is collected, used and processed. The introduction of significant fines, standing at up to 4 per cent of annual turnover or 20 million euros, highlight how important it is that all organisations are ready to comply with GDPR from next year.
Within the GDPR there are specific provisions for the health and social care industry, given the sensitive nature of the data processed. These include the need for explicit consent for highly sensitive personal information, the need to hire a data protection officer and requirements surrounding how personal information can be used in medical research.
In order to explore some of these issues techUK is hosting a panel discussion to discuss how GDPR will affect Health and Social Care specifically. The discussion will include issues such as:
- How will the requirement for explicit consent for the processing of highly sensitive personal data affect the health industry?
- What will be the impact of the new requirements on medical research?
- How will health and social care organisations deal with subject access requests, the right to be forgotten and the right to data portability?
- Is the health and social care industry ready for GDPR and what else needs to be done to ensure it is ready in time?
Speakers at this session will include:
- Victoria Hordern, Counsel, Hogan Lovells
- Steve Norledge, UKI GDPR Leader, IBM UK Ltd
- Gary Smith, VP of Sales and Marketing, PhixFlow
- David Evans, Principal IG Specialist - NDSD, NHS Digital