Preparing for General Data Protection Regulation

This one-day training seminar was held in central London on 23rd April with 19 delegates attending and a waiting list for a second event (which will be held in May)!

The audience was mainly Occupational Health professionals, but a good mix of clinicians, managers and service commissioners.

I was pleased to join two respected and highly experienced lawyers to present at the event, but also to take questions for nearly 90 minutes at the end, which shows the level of interest and wide-ranging concerns in applying the new legislation which will replace the Data Protection Act towards the end of May.

Nick Hanning is a specialist lawyer who serves as a consultant on personal injury and employment cases – he is known for involvement in some landmark cases including the case that resulted in the largest ever employment tribunal award of £4.5million. Along with Professor Diana Kloss (a former employment judge and author of very many leading publications relating to occupational health and the law), I presented on the practical implications of the legislation. Nick and Diana gave a very clear explanation of the additional duties that GDPR may require data users to complete.

The basic principles are similar, to our familiar Data Protection Act, and are designed to ensure that personal and identifiable information is only used or stored with the full awareness of the data subject. The data must be used lawfully, fairly and transparently and when not required should be destroyed and no longer retained.

Many businesses, including Empactis, will use a Data Protection Officer, a trained and knowledgeable individual that can review and advise to ensure that data is handled in a compliant fashion.

Empactis already has high standards, and it was good to have opportunity to work alongside experts very familiar with the new legislation at this event.

Recent years have seen some very significant data breaches, personal information on millions of employees inappropriately released in to the Public domain and the reputation of leading companies may be hugely damaged by data loss. Individuals deserve to know that personal information (names, addresses, key dates) and special category data (sensitive information about health or employment issues for example) is secure and only being used appropriately.

This is an issue we take very seriously and the scale of this event in London shows many occupational health providers are thinking very hard about!