As you may or may not be aware, changes are afoot in relation to how your personal data is stored, accessed, shared and processed. The law governing this comes from the European Union and is complex, but in essence it regulates data controllers and provides rights to data subjects.

It is an important law and even though they are leaving the EU, the UK are set to voluntarily adopt this set of regulations too.


The new law will be invoked on the 25th of May 2018 and it will replace previous laws from 1998 & 2003.

As your GP we are data controllers-put simply we are responsible for important personal data that is held on file in the practice about you.


What are ‘Data Controllers’ & ‘Data Subjects’?

As a patient you are a data subject-and as your GP we hold some of your ‘personal data’.

‘Personal data’ means: data relating to a living individual who is or can be identified either from the data or from the data in conjunction with other information that is in, or is likely to come into, the possession of the data controller.

That is a bit of a mouthful but the information it pertains to means things like medical notes, letters from consultants, blood and other results, etc.


Is Portmarnock GP Clinic prepared for the upcoming changes in the law?

To recognise the importance of this subject, we recently audited our practice to ensure that the way we handle your information is up to scratch. All our staff (medical, nursing and administrative) will be undergoing updated training in the coming weeks to reflect the changes in the new legislation. Happily the results of the audit were good and there were no worrisome findings!



What changes have the clinic made to protect patient data?

As GPs we are all data subjects too-whether it is with our dentist, local mechanic, garage, telephone provider………the list is endless. As a result we understand the importance of keeping your data safe.

  • All of our computers operate with firewalls to prevent outside interference
  • We are formulating a new and improved safe internet policy for all of our staff members
  • All of our computers and the software we use to access your data are password protected
  • All patient data is backed up
  • We have a computer consultant who upgrades and maintains our computers and software regularly and alerts us to changes that may be needed
  • We use Healthmail (encrypted) to transfer patient records and notes to other clinics when necessary.
  • All staff have confidentiality clauses in their contracts

What do I need to do?

You don’t need to do anything specific. It is a good idea though to update us (and any hospitals or clinics that you attend) if you change your address or your phone number. This reduces the risk of letters or calls going to the wrong person.

This is probably more pertinent if you have been at the practice since you were a child as, for example, the phone number on your file may be that of one of your parents.

It is also a good idea to check out this link to ensure you know your rights as a data subject.


This post is not intended in any way to be exhaustive and is to advise our patients that we are very careful when handling important patient data. It is also to update them on the upcoming changes in the law. We strongly advised that you use this post as a springboard to reading up on the topic yourself.

We will continue to monitor the way we process & handle your information and asides from work already done we are intending further meetings and updates both internally and externally in relation to the new GDPR regulations. Thanks for reading.

This post was by Dr Niall