STEP 1 – AWARENESS
Make sure that you, everyone in your organisation (if you work in an organisation) and everyone you work with who handles personal data are aware of GDPR and the changes required.
You should familiarise yourselves with the changes required to comply with GDPR.
All members are encouraged to watch the ICO’s webinar: Data Protection for Small Healthcare Organisation.
BANT will continue to support you by providing plain English eblasts on GDPR that are relevant to your nutritional therapy businesses. These will be issued over the following weeks:
- Steps 2 and 3: Processing – guidance and examples on identifying and documenting personal data held by nutritional therapists and your lawful basis for processing it.
- Step 4: Privacy notice – an example privacy notice for a typical nutritional therapy business
- Step 7: Consents – guidance on how to obtain consent, including examples for a typical nutritional therapy business
- General guidance and templates covering other steps including:
  - Data Protection Procedure template for you to document how you will process personal data
  - Guidance on Information security and technology
  - How to recognise a subject access request