Month: February 2018

Out with the old. In with the new.

A blog by J Cromack, CCO

I recently took part in a GDPR Salon for Digital Leaders South West, held during GDPR week in partnership with the Corsham Institute.

I shared my understanding of the new data protection legislation and how I fervently believe it to be a great opportunity for the organisations that embrace it.

The Data Protection Act has been in place for the past twenty years – during this time the world has moved on dramatically, with some of the most extreme changes coming from technology and how we use it. Which is why it’s time for ‘out with the old, in with the new’.

Continue Reading

Is the NHS GDPR Ready?

The General Data Protection Regulation (GDPR) will become law on 25th May 2018, superseding the twenty-year-old Data Protection Act, which is no longer fit for purpose in this Digital Age.

GDPR enhances data protection laws across both the United Kingdom and European Union. Organisations, particularly those whom collect, process and share vast quantities of personal data will need to ensure that they are compliant or face action from the Information Commissioners Office (ICO). If organisations are found to be at fault, they may face hefty fines, either a maximum of €20 million or 4 percent of the organisations turn over, depending on the severity of the breach.

There has been some debate over whether, or not, the NHS need to adopt processes and policies aligned to GDPR. Some say it will only apply to commercial organisations or that “We are leaving the EU, so it no longer is applicable to us”. However, this is not true.

Continue Reading

PwC Scale Programme launches with MyLife Digital on board

Twelve companies will line-up on 1st March, to pitch their value proposition at the Scale | South West Executive Evening, including MyLife Digital.

Strengthening Bristol’s reputation as a tech, creative and media hub, PwC and Business West, in collaboration with Engine Shed have identified a dozen fast-growth companies in the South West and Wales who will embark on an exciting journey to help tackle the challenges of ‘scaling up’.

The Scale | South West programme will link these selected businesses with market leaders, industry experts and investors to help drive further their growth and expansion.

Welcoming the selected companies, Katharine Finn, PwC regional leader for the West, said:

“This is a fantastic opportunity for industry leaders, experts and investors to engage with the founders of fast-growth companies that have the potential to be future market leaders.

“Our aim is for founders and executives to learn from each other and feedback from previous programmes suggests that this process evolves as the programme develops. We are confident that this will continue into the current programme and that will, in turn, lead to real development and scale-up opportunities.”

The Scale proposition brings together companies who have developed disruptive and innovative technology, with executive decision makers looking to innovate, establish partnerships or provide mentoring and advice.

Over 20 large corporates with strong regional presence are already showing their support to the initiative.

For the full news release click here

J Cromack, MyLife Digital CCO, said:

“Being exposed to a network of Partners and corporate contacts of PwC was too good an opportunity to miss. The combined knowledge, support and review of our proposition and business plan will certainly help us scale our business. Working alongside and sharing experiences with like-minded individuals feels like it’ll be mutual gain for all while also supporting the aspirations of the South West to become a leading technology region in the UK.”

Patient privacy under threat from NHS Digital and Home Office data sharing agreement

Last week, it transpired that NHS Digital had been sharing non-clinical patient information with the Home Office for immigration purposes. The Home Office uses both NHS Digital and The Department for Health to obtain non-clinical data, such as addresses, Date of Birth, GP details and the local GP surgery registration date.

The Home Office is capturing data to identify those who may have failed to comply with certain restrictions which allowed them to remain in the country or escape immigration control.

However, while this data may be of benefit to the Home Office for immigration purposes, it appears to be putting citizens health at risk. Clinicians believe they have a duty of care to treat whoever turns up at the doors of hospitals across the nation, no matter what their nationality or immigration status.

Continue Reading

Driving Forward Patient Data Acceptability in the NHS

With GDPR effective from May 2018, the NHS will have a legal obligation with patients to be transparent, when portraying what they use their personal data for. They will also have to gain patient permissions for the various data uses.

Patient data sharing is vital for the NHS, it allows them to easily access patient records, enabling better primary care decisions to be made. Enhancing patient acceptability is a key factor for improving patient consent.

Furthermore, health data shared within the NHS has historically been very attractive to third parties within the healthcare industry, particularly in the medical research and pharmaceutical sector.

That said, some patients are uncomfortable with their most sensitive health data being shared outside the boundaries of the NHS. The possibility of sensitive health data, such as information on sexually transmitted diseases, a very private matter, gives the citizen an understandably cautious approach to giving permission to share it.

Continue Reading

Navigate the “Bumps in the Road” on your journey towards GDPR compliance

Chief Commercial Officer, J Cromack, reflects on his recent panel session at the GDPR:Summit

On the 30th January, I had the pleasure of addressing a room of delegates at the GDPR:Summit in London, alongside other like-minded advocates of strong data governance – Neira Jones, Sue MacLure, Robert Wassall and Tim Hunt.

The discussions around the room, were, quite rightly, centred on the impending General Data Protection Regulation (GDPR) and how it impacts business as usual. For me, there appears to be a lot of talk around the actual regulation, probably a bit too much – when the focus should be on getting it into practice.

The crux of the matter is that organisations need to place their customers, supporters, members, donors, patients, employees or whatever you call them (we say the citizen at MyLife Digital), at the heart of their data and GDPR strategy.

Simply remembering that the personal data citizens entrust to you actually belongs to them – you are a temporary custodian of this information whilst they remain a value exchange with you. The value exchange being the benefit both parties gain during the period of time you interact. Whether this is for products, services or employment, once the transaction or contact is complete, under GDPR the personal data must be deleted or anonymised after a certain time period (which you must determine based on your usage of the data and what is right by the citizen), as set out in your Privacy Policy.

Continue Reading

Follow Us