General Data Protection Regulation (GDPR)

by Rhonda Lawes, PhD, RN


    00:01 Hello members of the healthcare team! In this video, we're going to discuss the General Data Protection Regulation, or GDPR.

    00:09 This regulation, enacted by the European Union, is all about safeguarding personal data and enhancing privacy rights.

    00:16 As healthcare professionals, it's our responsibility to adhere to GDPR.

    00:22 The GDPR is all about protecting personal data - especially our patients' sensitive information. It's like a security guard for our patients' data, keeping it safe from unauthorized access or misuse.

    00:34 Consider this: when a patient shares their health history with us, they trust us with that information. Under the GDPR, we need to be transparent about how we're using this information - for instance, we should clearly communicate that we'll use this data for diagnosis, treatment, and billing.

    00:52 In a day-to-day scenario, if a patient is allergic to a specific medication, that information should be shared with the pharmacist dispensing their prescription, but not with a pediatrician treating different patients.

    01:04 GDPR compliance helps us build trust with our patients, just like the trust we establish when we listen to their concerns during consultations.

    01:11 By securing their data, we show them that we value their trust.

    01:15 It's essential to remember that we should only discuss patient information when necessary for care.

    01:21 Conversations about a patient's condition or treatment should never take place in public spaces like waiting rooms or reception areas.

    01:29 GDPR also encourages us to prevent data breaches.

    01:33 It's like the regular drills we do in hospitals to prepare for emergencies - we need to keep our software updated, conduct vulnerability assessments, and use firewalls and antivirus software to shield patient data.

    01:46 GDPR requires us to obtain explicit and informed consent from patients before processing their data.

    01:52 It's like asking a patient's permission before conducting an examination - we need their consent before sharing their medical information with a specialist.

    02:01 If a doctor, out of curiosity, browses through a high-profile patient's records, it's a violation of the GDPR.

    02:08 We also need to inform patients about their rights under the GDPR and respond to their requests for data access, rectification, erasure, and portability.

    02:18 It's like explaining a patient's right to a second opinion - we need to make them aware of their data rights and be responsive to their requests.

    02:26 Additionally, we are required to perform Data Protection Impact Assessments or DPIAs for high-risk data processing activities.

    02:36 Imagine we're introducing a new electronic health record system - we'd need to conduct a DPIA to identify and address potential privacy risks.

    02:45 Ensuring GDPR compliance involves staff training, privacy by design, data processing agreements, and regular data audits.

    02:53 We can conduct workshops or online training modules, much like our regular skill-enhancement programs, and this will help familiarize staff with GDPR principles.

    03:03 And when developing new healthcare technologies or systems, privacy should be a default setting.

    03:09 We should also establish agreements with data processors, like our contracts with medical suppliers, outlining their responsibilities in protecting patient data.

    03:18 Lastly, regular audits help us assess our data handling practices.

    03:23 It's like our regular health check-ups - this time, for our data security protocols! By adhering to these principles, we can ensure data security while fostering patient trust.

    03:34 GDPR is not just a regulation - it's a commitment to our patients' privacy and rights. So we need to embrace it with open arms! For more information you can feel free to access the GDPR Information Portal.

    03:47 And remember, we're not just healthcare professionals.

    03:51 We're also custodians of sensitive information.

    03:54 Let's protect it just like we safeguard the health of our patients!

    About the Lecture

    The lecture General Data Protection Regulation (GDPR) by Rhonda Lawes, PhD, RN is from the course Healthcare Informatics.

    Included Quiz Questions

    1. It requires stronger consent than HIPAA.
    2. It is only in effect in North America.
    3. It does not apply to electronic health information.
    4. It requires healthcare providers to obtain implied consent to share health information.
    1. Perform regular data audits.
    2. Make agreements with data processors.
    3. Follow a “Privacy by Design” approach.
    4. Install multi-factor identification on all electronic systems.
    5. Make privacy training for new staff optional.

    Author of lecture General Data Protection Regulation (GDPR)

     Rhonda Lawes, PhD, RN

