How Will GDPR Affect Health and Social Care?

**PLEASE NOTE: This event is now fully booked**

The EU General Data Protection Regulation (GDPR) comes into effect in the UK and across Europe on 25 May 2018. The GDPR, which represents the most significant reform of data protection laws for twenty years, will have implications for organisations across all sectors that collect and process personal data. Given that the health and social care industry both generate and utilise vast quantities of data in their daily operations, the introduction of the GDPR will be an incredibly important development. There are huge opportunities in healthcare for data to be used to improve diagnosis and treatment. However, given the sensitive nature of the data involved it is crucial that it is properly protected. Previous data breaches and data sharing arrangements in the health sector have highlighted the public’s concern about how their personal healthcare information is used and so the GDPR will be incredibly pertinent in addressing those concerns.

The GDPR introduces new rights for citizens and considerable new obligations on both data controllers and processors. The focus on accountability and transparency, which are both running themes throughout the regulation, aims to provide citizens with far greater control over how their personal information is collected, used and processed. The introduction of significant fines, standing at up to 4 per cent of annual turnover or 20 million euros, highlight how important it is that all organisations are ready to comply with GDPR from next year.

Within the GDPR there are specific provisions for the health and social care industry, given the sensitive nature of the data processed. These include the need for explicit consent for highly sensitive personal information, the need to hire a data protection officer and requirements surrounding how personal information can be used in medical research.

In order to explore some of these issues techUK is hosting a panel discussion to discuss how GDPR will affect Health and Social Care specifically. The discussion will include issues such as:

  • How will the requirement for explicit consent for the processing of highly sensitive personal data affect the health industry?
  • What will be the impact of the new requirements on medical research?
  • How will health and social care organisations deal with subject access requests, the right to be forgotten and the right to data portability?
  • Is the health and social care industry ready for GDPR and what else needs to be done to ensure it is ready in time?

Speakers at this session will include:

  • Victoria Hordern, Counsel, Hogan Lovells
  • Steve Norledge, UKI GDPR Leader, IBM UK Ltd
  • Gary Smith, VP of Sales and Marketing, PhixFlow
  • David Evans, Principal IG Specialist - NDSD, NHS Digital

For more information on techUK's Cloud, Data Analytics & AI programme or Health and Social Care programme, please contact:

Share this


We are celebrating #WorldWaterDay come and join us in an interactive session here @techUK for an Innovation Worksho…
Want to know what @bankofengland is doing to embrace, enable and empower fintech? #techUK #Fintech
Free on 2 April & interested in human rights, modern slavery, conflict minerals & sustainability? We're hosting a c…
.@techUKCEO responds to European Council's agreement on extending Article 50. Parliament now must urgently work to…
Great evening with @ComdJFC_UK outlining JFC approach to innovation at @techUK Defence Spring Dinner.
.@CENTI_London is offering one-on-one investor meetings with top VC`s and private meetings with local government. E…
Given that a cyber attack is no longer an 'if' but more likely a 'when', board members need help with guidance on w…
Join us on 27 March to explore a local focused approach to local public safety service delivery challenges…
Become a Member

Become a techUK Member

By becoming a techUK member we will help you grow through:

Click here to learn more...