GDPR Toolkit

The UK General Data Protection Regulation (UK GDPR) applies to every organisation that handles personal information.

As well as strengthening the legal rights of individual data subjects, it imposes greater obligations on practices to document processes, increase transparency and ensure that data is held securely. Breaches of the UK GDPR can result in financial penalties and reputational damage.

Healthcode worked with a legal firm to produce the GDPR Toolkit for ePractice which assists practitioners to remain compliant with Data Protection regulation. The Toolkit was specifically developed for the needs of independent practices and consists of:

  • UK GDPR Guide

    This details the UK GDPR’s key principles and terminology, explains how it affects your practice and provides practical hints and tips.

  • Templates

    There are six templates to help you manage and document data protection processes in line with the UK GDPR including a privacy policy, an information asset register to help you keep track of the data you hold, a subject access request procedure and a breach notification procedure. All templates are easily implemented and can be tailored to your practice to help you demonstrate compliance.

  • Subject Access Export

    This enables you to collate and extract the information you hold on a patient within ePractice, such as notes, alerts and correspondence. It means you can easily respond to a subject access request quickly and in a portable format.

The GDPR Toolkit can be found in ePractice on the menu bar and full access is included in subscriptions to Lite and Pro. Simply log in to your account for more information. If you are a Basic user, the Toolkit is available to purchase for a one-off fee. 





Toolkit FeedbackCharlotte Russell New

"Real peace of mind from knowing that GDPR documents are now in place.The information is very clear and the documents and proformas are very accessible and can be tailored to your practice. Thank you Healthcode for doing the hard work for us." Charlotte Russell, Medical Secretary, Cambridge


Data security
If you rely on a third-party supplier to process or store data on your behalf, the ICO expects you to make sure they have appropriate information security safeguards in place.

Healthcode is continually working to ensure that our services meet the highest data protection standards.

If you are a Healthcode customer, you can be sure that your data is stored within a private dedicated infrastructure, which is physically located in a secure UK data centre rather than held in a data cloud in an unknown location. Healthcode’s information security systems also comply with the latest international specification for information security management systems (ISO/IEC 27001:2013).