24 April 2018
What GDPR Means for Healthcare Organisations
“Healthcare organisations should already be doing 70-75% of the points outlined in the GDPR” – Dawn Monaghan, Head of Data Sharing and Privacy (NHS England), Head of Strategic IG (NHS Digital) and Director Information Governance Alliance.
Healthcare Associations including the NHS are the data controllers and are responsible for ensuring the security and appropriate handling of very sensitive data. By treating UK citizens’ data in ways that individuals would reasonable expect and has a minimal impact on privacy, implied consent for direct care can be used as the lawful basis for processing, for example a GP sharing patient data with a consultant.
If a healthcare organisation intends to use the data for other purposes, such as marketing, then formal consent may be needed. As such, this must be expressly confirmed in words and a record must be kept to evidence who consented, when, how and what they were told.
Processing Live Chats under GDPR
Click4Assistance is a data processor, meaning your organisation as the data controller will retain ownership of your data.
The solution is developed and hosted within the UK on Click4Assistance owned servers. Security by design is deep-rooted within the system and is reflected within our security policies; therefore any data processed or stored is never transmitted outside of the UK.
The rights of access and to data portability give consumers the power to request their personal data and supplementary information to use for their own purposes. Whereas the right to erasure / to be forgotten outlines that the data subject can request their data is deleted when there is no compelling reason for continued processing.
Administrators with authorised permissions can easily search stored data within the system, using various filters to identify the relevant record(s). This allows them to export the data in readable formats (pdf, excel, CSV), email it directly to the data subject or delete records.
Click4Assistance ensures we comply with GDPR when processing data to help you provide a secure service to your online visitors. For further advice regarding data protection and the new regulation contact our team on 01268 524628.
We have been supplying chat for website software for over 10 years; our customers include NHS National Services Scotland, CWP NHS and BMI Healthcare. For more information on their implementations and how the communication channel can benefit your organisation, email