- Information law; healthcare litigation
- 0161 234 2448
Information law and Data Protection experts
Hempsons have decades of experience of advising on information law and data protection, and regularly advise NHS and other healthcare providers, third sector entities and tech start ups in the field. We advise on the full range of information governance issues, ranging from individual requests under the subject access and freedom of information regimes, ICO investigations and appeals through to ensuring information governance compliance in artificial intelligence-powered ‘big data’ analytics projects. Information governance issues often occur in connection with other legal issues and our information governance team has a multidisciplinary approach, working with our procurement, commercial and employment teams as appropriate.
Recent work in this area has included preparing clients for the transition to the GDPR regime and the Data Protection Act 2018, including a national programme of seminars on this issue.
Main areas of expertise
- GDPR/DPA 2018 compliance
- NHS Information governance compliance
- Information sharing
- Information access regimes (data subject access and Freedom of Information)
- Data rights requests, complaints and claims
- Information Commissioner investigations and appeals
Dentists across the UK will be all too familiar with the Data Protection Act 1998 (DPA) but possibly not yet accustomed to the EU’s General Data Protection Regulation (GDPR) which will apply from 25 May 2018. Notwithstanding Brexit, the UK government has indicated that it will implement the new regime.
If you handle and process personal information about individuals, you have a legal obligation under the Data Protection Act 1998 (“the Act”) to protect that information.
Welcome to the latest edition of Hempsons’ Dental newsbrief, a round-up of some of the hot legal topics in the dental sector
Keeping confidential information about staff and patients secure is a responsibility NHS organisations have taken seriously for a long time. But the requirements on them are about to increase. From May 2018, organisations will need to comply with the General Data Protection Regulation (GDPR), an EU regulation.
Keeping confidential information about staff and patients secure is a responsibility businesses operating in the health and social care sectors have taken seriously for a long time. But the requirements are about to increase. From May 2018, organisations will need to comply with the General Data Protection Regulation (GDPR), an EU regulation.
The way services are accessed has been transformed by the changes in technology over the past decade and these developments present exciting opportunities for transforming how healthcare can be delivered however, when seeking to develop new opportunities, it is essential to have a clear understanding on the law governing the use of data and ensure that these considerations are incorporated into any project from the outset.
Welcome to the winter edition of Hempsons’ Healthcare Newsbrief. Many of you will be reading this at the NHS Providers conference where many of the issues we are writing about – from moving towards digital records to the issues around moving to an accountable care organisation – will be either discussed or on the minds of delegates...
The current law governing the use of personal data in the UK is the Data Protection Act 1998 (“DPA”). The law will change on 25 May 2018 when the European General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”) will come into effect.
The General Data Protection Regulation (‘GDPR’) comes into force on 25 May 2018 and is the largest overhaul of data protection since the 1998 Act.
On 25 April 2017, the updated GMC Guidance, Confidentiality: Good Practice in Handling Patient Information (“the Guidance”) comes into effect
Charities have had something of a bumpy ride lately… and the bad news is that it’s not over yet. On top of increasing scrutiny of fundraising carried out by charities, data protection law and the Information Commissioner has now come to the fore with some big-name charities fined for data protection breaches.
What are your obligations with The General Data Protection Regulation (GDPR) – are you going to be ready?
Certain types of personal data must be treated with particular care due to the sensitive nature of that personal data. This is of course common sense. ‘Health’ comes under what the ICO (Information Commissioner’s Office) calls the ‘special category’, making it a mandatory obligation to comply with the GDPR and more especially if you work in the health professional field.