According to GDPR:

Taken from the Information Commissioner’s Office website:

  • Individuals have the right to access their personal data.

  • This is commonly referred to as subject access.

  • Individuals can make a subject access request verbally or in writing.

  • You have one month to respond to a request.

  • You cannot charge a fee to deal with a request in most circumstances.

See this ico article to keep up to date with latest developments.

On GPM's end:

Process

Gensolve has defined GPM to be able to keep track of requests on patient records and personal details. Keep in mind that the information sent should be understood by patients without the need for expert medical knowledge.

Steps

  1. Create a “GDPR Right to Access” event to record the client request and set a due date for action.

  2. Upload any written request from client to the Client Uploads tab.

  3. Optionally, send a GDPR Data Access Request template email confirming request and clarifying exactly what data they require.

  4. The client needs to provide proof of identification.

  5. Complete and send template file with exact data to be provided.

  6. Once confirmed exactly what data the client requires, create a GDPR Data Portability event.

  7. Complete the Todo action / event.

 

You may also want to take a look at: Client events, Client Uploads, Letter templates.

Updated:20-Jun-24

Copyright © 2016 Gensolve Pty Ltd