NHS sets aside £1million for GDPR

NHS Trusts have spent over £1million preparing for the incoming EU General Data Protection Regulation (GDPR), according to research from the Parliament Street think tank. Data analytics experts call for trusts to develop blueprints for notification of privacy and data breaches

by News Reporter on 11 April 2018 09:02


NHS Trusts have earmarked over £1million to manage with EU’s incoming General Data Protection Regulation (GDPR) which comes into force on May 25th 2018.The spending figures are revealed in a new policy paper entitled Getting the NHS Ready for the GDPR, from the Parliament Street think tank.

In total, 46 Trusts told the organisation that they have spent £1,076,549 on GDPR to date, the majority on software, services and staffing. The biggest spender was Luton and Dunstable Hospital Foundation Trust which set aside £111,200 for GDPR implementation, targeted at staff support and training.

At the bottom of the list was Royal Derby hospital which stated it had only spent £500 on GDPR. Goodmayes Hospital also spent £500 with an additional £70 a month on a secure email system for sending patient records. South Central Ambulance Service NHS Trust set aside £95,000 for GDPR.

This was followed by St George’s University Hospitals NHS Foundation Trust which also spent £95,000 on ‘research, analysis and resourcing’. Other big spenders included Lincolnshire Partnership NHS Foundation Trust which spent £106,915 on staffing and training, including £1,755 on specialist training

Commenting on the research Nick Felton, SVP, MHR Analytics said, “The incoming GDPR poses significant challenges to health trusts, which are tasked with managing highly confidential patient data and critical medical documents. This new legislation will increase pressure on hospitals to improve standards of data processing and introduce more stringent policies for managing information securely. It will also require trusts to develop blueprints for notification of privacy and data breaches."

He continued, "With NHS resources already under strain, it is important that the health service moves quickly to meet the GDPR compliance deadline, particularly when the consequences of failing to do so include significant fines. Key to achieving this is for trusts to gain full control of all data and improving its quality to make better decisions for the long term.”

blog comments powered by Disqus