Podcast: Play in new window | Download

Subscribe: Apple Podcasts | Email | RSS

Rightly or wrongly, we often find ourselves neglecting basic policy and procedural elements of the job, when patient demand, clinical priorities and a never-ending stream of new directives are cascaded down from on high. So, with this in mind, we invited regulatory solicitor and lecturer David Sinclair to feature on today’s podcast, to bring governance and cyber security more sharply into focus. With the threat of cyber-attacks on the rise, coupled with a quickly evolving policy landscape when it comes to GDPR, data protection and information security, we discuss what practices should be doing now to ready themselves, who should take responsibility for this critical area of work, and what to expect going forwards.

Introduction (0:09)

Meeting David (1:05)

Current prevalence of cyber attacks on GP practices (1:22)

What do practices need to be doing right now to protect themselves against the risk of cyber security breaches? (2:26)

Management of governance and data protection protocols (3:01)

The importance of employing the services of those with the required, specialist knowledge (4:21)

Establishment of a named Data Protection Officer (DPO) (5:24)

Who is accountable if / when something goes wrong? (7:00)

Proactive proof of compliance (8:15)

How do we best demonstrate GDPR compliance? (9:35)

Commonly made mistakes and issues (11:26)

Responding to data subject access requests (13:29)

Who should we consult when seeking advice specifically related to data subject access requests? (14:45)

Strategies for managing subject access requests (15:21)

Other commonly faced issues and things to be aware of going forwards (16:59)

What the future might look like when it comes to governance and security (18:12)

Summarising today’s discussions (19:06)

A final word from David (19:56)

Getting in touch (20:41)

If you’d like further information, and / or to connect with David directly, please check out the DR Solicitors website.