The GDPR will introduce new elements and significantly enhanced requirements regarding data protection in comparison to the current UK Data Protection Act (DPA) 1998. To support pharmacy teams to be prepared in meeting the requirements of the GDPR and understand the GDPR, its principles, roles, responsibilities and processes., the following resources are now available to download:
NPA support resources
- GDPR overview
- GDPR FAQs
- GDPR staff training manual, including multiple choice questions, answers and a certificate
- GDPR brief overviews on:
- Lawful basis for processing
- Individual rights
- Records of processing activities
- Data breaches
- A GDPR webinar which was presented on 15 March 2018
Community Pharmacy GDPR Working Party cross-sector guidance
The NPA has been working closely with other pharmacy organisations as part of the Community Pharmacy GDPR Working Group which has produced cross-sector guidance resources which include the following four resources:
- Guidance for Community Pharmacy (Part 1) – providing sector-specific information
- Guidance for the Community Pharmacy (short version) (Part 2) – useful to help in training members of your team
- Workbook for Community Pharmacy (Part 3) –templates for you to amend as appropriate for your pharmacy; such as for the recording all your pharmacy processes and a privacy notice
- FAQs for Community Pharmacy (Part 4) – for further information
This resource provides a brief overview of the GDPR.
Current FAQs on the GDPR.
To help comply with the GDPR requirement of staff awareness, the following documents are available:
- Pharmacy team training manual
- MCQ assessment
- MCQ assessment answers
- Certificate of completion
This resource provides a brief overview of the lawful basis for processing under the GDPR.
This resource provides a brief overview of consent as part of the GDPR.
This resource provides a brief overview on the rights for individuals and their personal data within the GDPR.
A brief overview of records of processing activities and record templates for data controller and processors.
This resource provides a brief overview of data breaches under the GDPR.