
Data Protection & Compliance
With Royds Withy King Solicitors - RKW, specialising in social care, learn how to stay compliant with data protection and UK GDPR legislation, which in turn will help you stay compliant with the CQC and avoid fines for data breaches by the ICO. Whilst data protection was not high on the agenda for either the CQC or the providers during the pandemic, this is about to change.
As a part of their assessment relating to caring and well led, CQC will be looking at the way you manage your data. Some of the questions you may be asked are:
· What personal data do you hold or collect?
· What do you do with that data?
· Who do you share it with?
· How long do you keep the data?
· What is the lawful basis for processing the data?
CQC will check that your records comply with Regulation 17 Health and Social Care Act 2008 (regulated activities) Regulations 2014:
· Data protection legislation.
· Accessible information standard, and
· The toolkit (where necessary)
Some of the common problems you can avoid that CQC inspectors have identified are:
· Personal and special category data (health information) not being shared securely:
  · Password protect or encrypt documents
  · Secure sharing sites
  · Egress for emails
  · Software up to date
· Doors to offices being left unlocked, open and unattended
· Data being taken off site and not backed up or sufficiently protected
· Staff not being sufficiently trained
Completing the DSPT self-assessment can help prove your compliance with data protection legislation and UK GDPR. It can also help you prevent data breaches, reduce the risk of cyber attacks and make it much easier to deal with requests from individuals to exercise their rights in respect of personal data.
Completing the toolkit can help you reduce the risk of fines from the ICO for non-compliance as you will be able to show the steps you have taken to minimise the risks.