Welcome to BANT. if you are a member, please Login
When you start up your nutritional therapy business, you must ensure you are GDPR compliant from the outset. As a Nutritional Therapist, complying with GDPR is extremely important, you are not only detailing with personal data, but the data you… Read More >
Documentation Updates GDPR – FAQs, Retention and Other Updates Click here to access the full eblast.
GDPR DOCUMENTATION CONTROLLER SPREADSHEET (DCS) DATA PROTECTION POLICY (DP) CONSENT (C) PRIVACY NOTICE (PN) INFORMATION SECURITY (IS) LEGITIMATE INTERESTS ASSESSMENT (LIA) DATA PROTECTION IMPACT ASSESSMENTS (DPIA) GDPR DOCUMENTATION CONTROLLER SPREADSHEET (DCS) DCS1. In the “link to retention and erasure policy document”,… Read More >
In our continued support of our members in being GDPR compliant, we have developed a section of the BANT website that includes all the information we issued via the BANT GDPR Eblast Series, including the BANT GDPR templates for a… Read More >
Documentation Updates The following documents have been updated. These include both GDPR templates and BANT Professional Practice Standards documents in-light of GDPR. Click here to access the full eblast.
Training and Awareness Everyone in your organisation (if you work in an organisation) and everyone you work with who handles personal data on your behalf should be aware and be trained in GDPR. A good introduction to data protection in… Read More >
And Finally….. This is the last of our series of Eblasts supporting you in the implementation of GDPR. We very much hope that you have found this eblast series helpful. Click here to view the full eblast.
Legitimate interests is one of the six lawful bases for processing personal data (as detailed in a previous eblast). The Document Controller spreadsheet example produced by BANT for a typical NT business identified a number of types of personal data… Read More >
The GDPR requires you to process personal data securely. This is not a new data protection obligation. It replaces and mirrors the previous requirement to have ‘appropriate technical and organisational measures’ under the Data Protection Act 1998. However, the GDPR… Read More >
Recognising and dealing with a Subject Access Request What is a subject access request? An individual has the right to receive confirmation that their data is being processed, access to their personal data and supplementary information (which should be the… Read More >