- February 8, 2018 at 8:59 am #31665
Do you have any news on making Clinic Office software compliant with the new General Data Protection Regulations coming into effect in May this year
SteveFebruary 8, 2018 at 10:09 am #33806
Thanks for the question and I am glad to say that we do have a page on our website now dedicated to this topic and this will help to answer your question. You can view this via the link below.
We are also working on build 1094 which will assist you further with remaining compliant. All being well this will be released sometime in the first quarter of this year.February 8, 2018 at 1:33 pm #33807
Great thanks for the infoMarch 29, 2018 at 1:01 pm #33808
To maintain data security and be GDPR compliant, it is likely we are going to have to delete personal data from records. Is it possible to do this without deleting the complete clinical record?
CliveApril 12, 2018 at 11:22 am #33809
Apologies for the delay in replying. We have been discussing how we might accommodate this request, however we feel that there is not a need for a specific function to handle the deletion of personal data, due to how GDPR interacts with the medical sector and ‘The Right to be forgotten’.
Please see this excerpt from the ICO regarding Medical/Healthcare Organisations:-
How are medical and dental records affected by the right to erasure?
There is no absolute ‘right to be forgotten’.
People can ask for their personal data to be erased – but only when there is no compelling reason for its continued processing.
Requests will have to be assessed on their own merits. However, care providers, for example, will likely have a very good reason for processing much of the personal data they hold for the purposes of providing medical care.
More information from this article can be found here:- https://ico.org.uk/for-organisations/health/health-gdpr-faqs/
In light of this we feel that the need for the deletion of personal data would be a rare event if at all, and therefore to manually ‘X’ any personal information on records that call for this on occasion is what we are recommending for now.
Future development will include functionality to erase all identifiable data, but for now, we feel this is sufficient.
You must be logged in to reply to this topic.