The GDPR has introduced new elements and significantly enhanced requirements regarding data protection in comparison to the current UK Data Protection Act (DPA) 1998. To support pharmacy teams to be prepared in meeting the requirements of the GDPR and understand the GDPR, its principles, roles, responsibilities and processes., the following resources are now available to download:
NPA support resources
- GDPR overview
- GDPR FAQs
- GDPR staff training manual, including multiple choice questions, answers and a certificate
- GDPR Data Protection Officer (DPO) suite of resources
- GDPR brief overviews on:
- Lawful basis for processing
- Consent
- Individual rights
- Records of processing activities
- Data breaches
- A GDPR webinar which was presented on 15 March 2018
Community Pharmacy GDPR Working Party cross-sector guidance: England and Wales
The NPA has been working closely with other pharmacy organisations as part of the Community Pharmacy GDPR Working Party which has produced cross-sector guidance resources which include the following four resources:
- Guidance for Community Pharmacy (Part 1) – providing sector-specific information
- Guidance for the Community Pharmacy (short version) (Part 2) – useful to help in training members of your team
- Workbook for Community Pharmacy (Part 3) –templates for you to amend as appropriate for your pharmacy; such as for the recording all your pharmacy processes and a privacy notice
- Update to the GDPR Workbook for Community Pharmacy (19 May 2018)
- FAQs for Community Pharmacy (Part 4) – for further information
- Data Protection Officer top tips and advice – information regarding appointing a DPO
- Model Data Protection Impact Assessment (DPIA) – template to help you record your DPIA
Community Pharmacy Scotland
Community Pharmacy Scotland has launched a GDPR pack which compromises of four parts to help compliance with the GDPR.
Community Pharmacy Northern Ireland
Community Pharmacy Northern Ireland has launched a GDPR pack which compromises of four parts to help compliance with the GDPR.
General Data Protection Regulation (GDPR): DPO resources
A suite of resources to understand the requirements of appointing a DPO and their role; the following documents are available:
- DPO guidance
- DPO checklist
- GDPR definitions and quick reference guide
General Data Protection Regulation (GDPR): brief overview
This resource provides a brief overview of the GDPR
General Data Protection Regulation (GDPR): training manual and MCQs
To help comply with the GDPR requirement of staff awareness, the following documents are available:
- Pharmacy team training manual
- MCQ assessment
- MCQ assessment answers
- Certificate of completion
General Data Protection Regulation (GDPR): FAQs
Current FAQs on the GDPR.
General Data Protection Regulation (GDPR): lawful basis for processing
This resource provides a brief overview of the lawful basis for processing under the GDPR
General Data Protection Regulation (GDPR): consent
A brief overview of consent as part of the GDPR and authorisation template for prescription collection/delivery service and EPS nomination
General Data Protection Regulation (GDPR): individual rights
This resource provides a brief overview on the rights for individuals and their personal data within the GDPR
General Data Protection Regulation (GDPR): records of processing activities
A brief overview of records of processing activities and record templates for data controller and processors
General Data Protection Regulation (GDPR): data breaches
This resource provides a brief overview of data breaches under the GDPR