NHS Spend Over £1m on GDPR

NHS Trusts have spent over £1million preparing for the incoming EU General Data Protection Regulation (GDPR), according to research from the Parliament Street think tank.

The findings are contained in a report entitled Getting the NHS Ready for the GDPR, which was published today, and reveals that 46 Trusts have spent £1,076,549 on GDPR. It contains insights and analysis into how NHS trusts are preparing to comply with the legislation, including spending on software, staff training, secure email systems for patient records and specialist GDPR consultancy.

Topping the list for biggest spender was Luton and Dunstable Hospital Foundation Trust which set aside £111,200 for GDPR implementation, targeted at staff support and training.

At the bottom of the list was Royal Derby hospital which stated it had only spent £500 on GDPR. Goodmayes Hospital also spent £500 with an additional £70 a month on a secure email system for sending patient records.

Other big spenders included Lincolnshire Partnership NHS Foundation Trust which spent £106,915 on staffing and training, including £1,755 on specialist training.

South Central Ambulance Service NHS Trust set aside £95,000 for GDPR. This was followed by St George’s University Hospitals NHS Foundation Trust which also spent £95,000 on ‘research, analysis and resourcing’.

Nick Felton, SVP, MHR Analytics comments: “The incoming GDPR poses significant challenges to health trusts, which are tasked with managing highly confidential patient data and critical medical documents. This new legislation will increase pressure on hospitals to improve standards of data processing and introduce more stringent policies for managing information securely. It will also require trusts to develop blueprints for notification of privacy and data breaches.

With NHS resources already under strain, it is important that the health service moves quickly to meet the GDPR compliance deadline, particularly when the consequences of failing to do so include significant fines. Key to achieving this is for trusts to gain full control of all data and improving its quality to make better decisions for the long term.”

The latest episode of Comms Business Live focused on GDPR and what that means for the Channel. You can catch up with that episode below.

The following two tabs change content below.

David Dungay

Editor - Comms Business Magazine