GDPR Toolkit

The General Data Protection Regulation (GDPR) applies to every organisation that handles personal information.

As well as strengthening the legal rights of individual data subjects, it imposes greater obligations on practices to document processes, increase transparency and ensure that data is held securely. Breaches of the GDPR could result in financial penalties and reputational damage.

Healthcode have produced a GDPR Toolkit which we believe will assist practitioners on their journey to compliance. Produced in collaboration with specialist corporate and technology lawyers, the toolkit is specifically developed for the needs of independent practices and consists of:

  • GDPR Guide

    The guide introduces the GDPR’s key changes and terminology, explains how the GDPR affects your independent practice and provides practical steps to compliance.

  • GDPR Templates

    The Toolkit includes six templates to help you manage and document data protection processes in line with the GDPR. They include a privacy policy, an information asset register to help you keep track of the data you hold, a model subject access request procedure and a breach notification procedure. All templates can be easily implemented within your practice so you can achieve and demonstrate compliance with the GDPR.

  • Subject Access Export

    A tool that enables you to collate and extract the information you hold on a patient, within ePractice such as notes, alerts and correspondence. It means you can respond to a subject access request quickly and easily and in a portable format.

     Please log in to ePractice for further information or to purchase the GDPR Toolkit.





Toolkit FeedbackCharlotte Russell New

"Real peace of mind from knowing that GDPR documents are now in place.The information is very clear and the documents and proformas are very accessible and can be tailored to your practice. Thank you Healthcode for doing the hard work for us." Charlotte Russell, Medical Secretary, Cambridge


Data security
If you rely on a third party supplier to process or store data on your behalf, the ICO expects you to make sure they have appropriate information security safeguards in place.

Healthcode is continually working to ensure that our services meet the highest data protection standards.

If you are a Healthcode customer, you can be sure that your data is stored within a private dedicated infrastructure which is physically located in a secure UK data centre, rather than held in a data cloud in an unknown location. Healthcode’s information security systems also comply with the latest international specification for information security management systems (ISO/IEC 27001:2013).