Care homes, nursing homes and domiciliary care agencies all hold highly sensitive health data on behalf of their clients. As such, they already need to comply with the UK’s Data Protection Act 2018 and the European Union’s GDPR, which came into force in March 2018.
The good news is that if you’re a care provider who already complies with both data protection acts and doesn’t receive or send personal data abroad, you have very little to worry about. The ICO’s recent advice for UK based businesses to prepare for Brexit is simply to make sure they comply with the GDPR.
“If you are a UK business or organisation that already complies with the GDPR and you have no contacts in the EEA who send you data, and no customers in the EEA, you do not need to do much to prepare for data protection after Brexit. Your best preparation for data protection after Brexit is to comply with the GDPR now.”
You might be wondering why the ICO is telling businesses to still comply with the EU’s GDPR when we are preparing to leave the European Union. Well, this is because the ICO and Government’s view is that the GDPR is such a good piece of legislation that we should keep it after Brexit anyway.
“The UK is committed to maintaining the high standards of the GDPR and the government plans to incorporate it into UK law alongside the Data Protection Act 2018 after Brexit” ICO
Advice from NHS England is also that “there will be no immediate change in the UK’s own data protection standards” after Brexit.
Even if you do have data flows to the European Union, the Government’s advice to healthcare providers states that after Brexit “Data will continue to flow from the UK to the EU unaffected”. However, the advice does also acknowledge that data flowing in the other direction, to the UK from the EU, may possibly be restricted if we leave without a deal.
We urge care providers who use online care management systems to check with their software supplier that their data flows will not be affected in event of a no deal Brexit.
Log my Care stores and processes its clients’ data with the market leader in cloud services, Amazon Web Services (AWS), in Ireland. We have already confirmed with AWS that our service will be uninterrupted in the event of a no-deal Brexit and are pleased to inform our community that there will be no disruption.
“Customers will be able to transfer data into and out of our Regions throughout Europe (including into and out of the UK) just as they did before Brexit” AWS
If required to at any point, Log my Care’s Chief Technology Officer, Adam Hurst, has contingency plans in place to migrate all data quickly back to the UK. At present, we see no need to make that transfer but we will continue to monitor the situation closely.
If you have any further questions on how we are responding to Brexit, then please send them over to firstname.lastname@example.org or get in touch via our live chat.