The UK GDPR uses terminology that people may find confusing. It also defines a number of roles and responsibilities and introduces some new roles. These are explained below:
Special Category Data
Includes collecting the information about an individual, using it, storing it, securing it etc. UK GDPR applies to all businesses and organisations and to all personal data held about individuals. In a dental practice, this means patients, employed and self-employed team members, referrers and anyone else that the practice processes data for.
Personal Privacy Rights
Under UK GDPR, all individuals who have personal data held about them have the following personal privacy rights:
- Right to subject access
- Right to have inaccuracies deleted
- Right to have information erased
- Right to object to direct marketing
- Right to restrict the processing of their information, including automated decision-making
- Right to data portability.
Automated Decision Making
Legal Basis for Processing Data
Data Protection Impact Assessment
Data Protection by Design and Default
Data Protection Officer
A person designated or appointed to ensure the business complies with UK GDPR.