GP Practices Face Compulsory Data Protection Audits

GP’s have warned that the moves could put patients at risk if they piled more bureaucracy on top of the heavy workloads already faced by practices.

Following an overhaul of regulations, from 1 February the information commissioner’s office (ICO), will be able to carry out compulsory audits to assess data protection by organisations including GP practices.

Previously the ICO was only able to force these checks on government departments.

NHS organisations including GP practices found to be in breach of data protection laws have faced heavy fines. Practices could face fines of up to £500,000 for breaching data protection rules, and the ICO has already issued fines totalling £1.3m to NHS organisations.

Routine Inspection

However, a spokesman for the ICO confirmed audits were intended to flag up problems with data protection before a breach occurred, and their findings could not trigger a fine. He added that all practices would not be inspected as a matter of routine, and that audits could be triggered by concerns raised about a practice or other factors.

GP’s take confidentiality and the appropriate handling of patient data very seriously. ‘That’s why they have been so concerned over the years about various government IT schemes that could undermine the confidence patients have in their GP.’

Cartoon on doctor and patientWe would need to see the details of any proposed audits the ICO planned to use, but they need to be very careful not to add yet more to the already heavy workload burden on practices and therefore make it even more difficult to provide good quality care to patients.

Call us today on 01279 215000 to find out how we can help you dispose of your IT equipment in a socially responsible way.