What do Brexit and GDPR mean for your clinic? Do not panic about the uncertain rules and changes in this confusing time. This post will explain Brexit and GDPR, what they mean for your clinic and what actions you need to take.
Since the UK left the EU, things have been changing. If you process personal data in your clinic while taking care of patient scheduling, you need to be aware of which regulations you need to comply with. Essentially, if you process data of UK residents in the UK, you need to comply with the Data Protection Act and UK GDPR. If you process data for residents outside of the UK, you need to comply with the Data Protection Act and EU GDPR.
Here are some FAQs to help you understand what this means for you, your clinic, and the online booking systems that UK clinics often use:
Brexit and GDPR FAQs
What should you do right now?
Even though the UK has left the EU, you still need to adhere to GDPR to make sure that you process data appropriately for your clients. There is very little difference between UK GDPR and EU GDPR so essentially, you should still comply with EU GDPR. EasyPractice is GDPR compliant which means we follow all EU guidelines. This is also good news for you in the UK because it means that we ensure security comes first. We process your client data on your behalf and in your interest but only you have control over how we process your data. Your data is stored on Danish servers and nowhere else.
Make sure you delete personal data after a certain amount of time or when requested and make sure your clients have given you consent to process their data. You can use EasyPractice’s useful apps for this such as our Consent app and Clean Up app. You should also take a look at our GDPR guide to make sure your practice complies.
Will Brexit affect my clinic in the UK?
If your clients are UK residents, you need to comply with UK GDPR when you handle and process their data. If your clients are EU residents, you need to comply with EU GDPR. You should have already been doing this before Brexit so there should not be any noticeable change at the moment.
Will Brexit and GDPR affect my EasyPractice account?
No. You can still use EasyPractice exactly as before. We look after your data according to EU GDPR and store everything on Danish servers so you can be sure that your account is safe. We also never send client data to third parties and even when you use Google Analytics, only essential information is shared.
You can read more about safety for our UK users. If you are in another country in the EU, your relationship with EasyPractice does not need to change either! You can just keep using our system the way you did before and you can create an account if you haven’t already.
Our Secure Messages app provides you with encrypted communication, even for sending files, invoices and journal entries. When you communicate with clients, you do not want to worry about other people intercepting your messages, especially if they contain sensitive or private information. With Secure Messages, you can be sure this won’t happen.
Of course, we have other apps which focus on security and safety for you and your clients.
Some security tips for you!
If your clients leave you or no longer require your services and become inactive, you can set up the EasyPractice system to ‘Cleanup’ for you automatically. By downloading the Cleanup app, you can be sure not to keep any unnecessary data on your inactive clients, as the system will automatically delete it for you.
As a practitioner or specialist, of course you have to be sure that your clients’ data is safe and can’t get into anyone else’s hands without your permission. This is why we have the Two-Factor Authentication app to allow you to add an extra layer of security to your login process. It is very simple to set up. Just go to Apps in your top toolbar and click ‘Activate’ for Two-Factor Authentication. You go through the setup process and receive a code straight to your phone to log in. It’s quick, easy and worth it.
When you send an invoice by email to a client with another system, there is a chance that if unwelcome eyes get hold of the link, they could see private information. This won’t happen with EasyPractice! We have an added layer of security meaning that in order to access the invoice, the client needs a unique PIN code. It is very simple to use and understand but ensures security and extra trust between you and your clients.
You need to ensure that you have consent from your clients to process their data. You have to inform them what data you have from them, how long you store their data and how they can contact you to ask you to delete it. With the Consent app in EasyPractice, you can expressly ask them for this permission and keep track of whether your clients have given it to you.
Can I create a new EasyPractice account in the UK?
Yes, absolutely! You can create an account with EasyPractice for free and get in touch with our British support team! We will answer all of your questions, help you get set up and support you through your use of our system.
What if I have patients in the US?
Remember that there are different requirements in different countries. If you are dealing with client or patient data in the US, you need to adhere to HIPAA legislation and we have made sure that EasyPractice is compliant so that you can be too. The best way to make sure you are following the correct rules and guidelines is to check the requirements of each country that you are working in.
We hope that this post made it clear that you still need to comply with GDPR. If you have any questions or need any help, just send us an email at [email protected] and we’ll get right back to you!