09/11/2018 - 10:00
The HCPC has updated its Confidentiality guidance for registrants to include data protection principles under the General Data Protection Regulation (GDPR).
GDPR, supported by the Data Protection Act 2018 (DPA) governs how personal data, including service user records, should be handled.
It sets out seven key principles:
The HCPC’s Standards of conduct, performance and ethics say that registrants must keep up to date with and follow the law, HCPC guidance and other requirements relevant to their practice.
They also state that registrants must:
The Information Commissioner’s Office is the leading authority in the UK for data protection. It has a number of helpful resources on its website including a guide to the GDPR; health and social care FAQs and FAQs for small health sector bodies.