In May 2018 the EU General Data Protection Regulations – or GDPR – came into force. The new regulations signalled a step change in the way that personal data could be handled. Businesses from global corporations to independent sole traders had to sit up and take notice as the GDPR were set to apply to any business, however large or small. The fines for data breaches were set to be eye wateringly high.
The introduction of the regulations was concerning for many providers of psychological therapy services as practitioners hold so much data about their clients. Lots of questions were suddenly being raised around acceptable ways to contact clients, how long data could be retained for, how data should be securely kept, and what ‘legitimate interest’ really meant for marketing activities and contact with individuals. The GDPR also signalled an increase in the administrative burden of keeping client records. This included managing individual clients’ consent to be contacted, the deletion of client data if a client requested their details to be permanently erased (the ‘right to be forgotten’), and creating a suitable consent form. Getting to grips with data security terminology presented another challenge – what was the difference between a ‘data controller’ and a ‘data processor’? It was hard to know where to start.
Here at Mayden we wanted to help our bacpac clients to navigate the GDPR. We provided a template consent form that therapists could amend for their own practice. We also produced a free eBook setting out the key aspects of the GDPR that therapists would need to be aware of and comply with to get ready for the new regulations. We had already ensured that bacpac was fully GDPR compliant so our existing users could be confident that their client data was safe and secure.
We understand how important it is that therapists comply with the GDPR. A year on from the introduction of the regulations we are keen to understand what the impact has been for therapists and our bacpac clients. We have produced a short survey to gather feedback about how challenging (or not!) the introduction of the GDPR has been. We are also keen to understand if there is anything that bacpac could do to help make compliance even easier for the benefit of you and your clients. We’d love to hear your thoughts so please do take a few moments to complete our survey. Be sure to look out for our next blog where we will be sharing the findings.