Welcome to the NWL IG Blog, where we have documented the process of taking two Hammersmith GP practices through the tasks required for them to become GDPR compliant.

Each of the GDPR related blogs will follow a similar format:

  • Introduction
  • Review of actions from the previous session
  • Work covered this week
  • Resources used
  • Output documentation
  • Lessons learned
  • Practice checklist
  • Work planned for the next session

Working through each blog post will help your own practice reach compliance and will put you in a good position to complete the required Data Security Protection Toolkit (new IG Toolkit) by the 31 st March 2019. Bear in mind that you will need your practice manager to set aside 1/2 day a week (plus a couple of hours a week of administrator time) for a minimum of three months to embed these practices in your day to day work – so you must be well underway by the New Year at the latest.

List of Blogs and Posts:

What When and How
Blog No. 1 Inaugural Blog
Blog No.2 Data Mapping
Blog No.3 Data Processing Impact Assessment (DPIA)
Blog No. 4 Individual Rights and SARS
Blog No. 5 ISAs and DPAs 
Blog No. 6 Record of Processing
Blog No. 7 GDPR Accountability
Blog No. 8 Managing Risk
Blog No. 9 Right of Access
Blog No. 10 Layered Fair Processing
Blog No. 11 Summary Blog
Blog No. 12 DSPT Introduction
Blog No. 13 DSPT Support Page
Blog No. 14 Information Sharing and the DCC
Blog No 15 eDSM
Blog No. 16 Notification of EMIS cloud services
Blog No. 17 DSPT 2019-2020
Blog No. 18 National Data Optout