NHS: Data Protection

Department of Health and Social Care written question – answered at on 24 July 2018.

Alert me about debates like this

Photo of Grahame Morris Grahame Morris Labour, Easington

To ask the Secretary of State for Health and Social Care, what assessment he has he made of the financial effect on the NHS of the introduction of the General Data Protection Regulation.

Photo of Jackie Doyle-Price Jackie Doyle-Price The Parliamentary Under-Secretary for Health and Social Care

The Government has not made any assessment of the financial effect on the National Health Service of the introduction of the General Data Protection Regulation (GDPR).

The GDPR came into effect on 25 May, replacing the Data Protection Act 1998. Its provisions form legal obligations that must be observed. The right of access plays a central role in the GDPR. This updates similar provisions, known as Subject Access Requests, that were available within the Data Protection Act 1998, giving individuals the right to obtain a copy of their personal data, including, from a health perspective, copies of medical records.

Previously, under the Data Protection Act 1998, organisations were able to make a charge for dealing with the administration required in such a request. Under the GDPR, the ability, in law, to levy such charges has been removed in most cases. This is a blanket requirement of the GDPR, applicable to all businesses and public authorities which was subject to the collective agreement of all European Union member states. There has been no assessment made on the cost of dealing with such requests.

Does this answer the above question?

Yes0 people think so

No0 people think not

Would you like to ask a question like this yourself? Use our Freedom of Information site.