The General Data Protection Regulation (GDPR) is an EU Regulation which has been directly applicable in the UK on 25 May 2018.

The NIGPC IT team have put together a number of resources you may find helpful in getting up to speed and preparing for the new regulations.

To access the full collection of resources you will need to login and go to the Guidance Section of the NILMC website

What you need to know - Basics

The GDPR and Data Protection Act 2018 replaced the Data Protection Act 1998 with an updated and strengthened data protection framework, however, the key principles of the original Act remain unchanged. The most relevant changes for GPs in their role as data controllers are highlighted in the box below.


The BMA guidance below explains GP data controllers' responsibilities under the GDPR, and sets out the main themes of the legislation and what needs to be done to ensure compliance.

The principles in the BMA guidance apply to doctors working in private practice or other NHS healthcare settings.

BMA GDPR Section

GDPR and practice privacy notices (PPNs)

Helping you prepare for GDPR webinar
This webinar covers the key aspects of the General Data Protection Regulation taking effect on 25th May 2018, and how you can prepare your business for these changes.

Access to health records guidance (PDF)

Read our guidance on GPs as data controllers under the GDPR

Read our guidance on GDPR changes to Subject Access Requests and fees

NIGPC ICT Resource Folder

The NIGPC ICT lead - Dr Michael McKenna - Has kindly collated a collection of resources relating to GDPR including:

UK GPC presentations / Official GDPR Guidance / Sample practice Privacy notices / Guidance form the information governance alliance / Template privacy notices / The full GPC IT Lead Blog collection on GDPR / BMA Guidance document on GDPR

This can be found on the Guidance Section

To access this you will need to register to the NILMC website and be a member of a LMC

Social Media Groups

A community of GPs with a specialist interest in the legislation - contains sample files and active discussion about the evolving issues of GDPR in everyday practice


SARs Guide for GPs

FAQs from the Information Commissioner's Office

You can read FAQs from the Information Commissioner's Office covering; What is the GDPR? / What information does the GDPR apply to? / the need to appoint a data protection officer (DPO)? and more

How to disclose information safely

ICO's Guide to data protection

ICO's FAQs for GPs

ICO's Health Section