Managing Director, Microtest
May 4th saw the publication of the new General Data Protection Regulation, which will harmonise data protection legislation across Europe and will become law across Europe on May 24th. All companies and organisations will need to comply with the new legislation within two years.
This is the most significant overhaul of data protection legislation for over a decade and will mean all organisations handling personal data will have to scrutinise their current practices and in most cases raise their game.
Data protection in healthcare is clearly of paramount sensitivity. As technology becomes more and more central to the way we all work, this raises new challenges related to data protection.
As data is now increasingly shared across GP practices and across settings, for example, this means that there is a responsibility for the Data Controller to specify which organisation using the system can see what information and to ensure that they are made aware of any changes made to the data. This is just one example of many instances that occur all the time. As sharing of electronic patient records will be so central to the future of healthcare, the need for effective data protection will remain at the forefront.
Maintaining the security of patient health records is a responsibility which all of us working in the industry should have at the heart of our operations. Certainly at Microtest, we take our responsibilities in this regard very seriously but sadly we do hear of occasional lapses elsewhere in the industry.
This new European General Data Protection Regulation will bring fresh impetus to the debate and should also bring fresh energy to the way we all work to find the best ways to address patient data security issues. Everyone must comply with the new legislation by May 2018. However, not a minute should be lost by healthcare IT suppliers in bringing fresh attention and commitment to the task of ensuring that data protection is world class right across our industry.
At Microtest, we take our responsibilities to our customers and patients very seriously and have developed our systems to allow our customers to be fully compliant with their obligations under the Data Protection Act for many years.