Check Before Sending
Always check
addresses and
paperwork before
A patient must only
you seal and send it
receive a letter
intended for them
Ensure staff follow
self – not
procedures, as
somebody else’s
simple checks will
personal details
prevent data
breaches from
happening
Use the confidential waste bins!
For any papers that contain personal, confidential or
identifiable information – dispose of them correctly, and
DO NOT take them home with you
GDPR Lawful Basis for
Processing Personal Information
Consent: the individual has given clear consent for you to process their
personal data for a specific purpose.
Contract: the processing is necessary for a contract you have with the
individual, or because they have asked you to take specific steps before
At least
entering into a contract.
one of
these must
Legal obligation: the processing is necessary for you to comply with the
be applied
law (not including contractual obligations).
when
processing
Vital interests: the processing is necessary to protect someone’s life.
personal
data
Public task: the processing is necessary for you to perform a task in the
public interest or for your official functions, and the task or function has a
clear basis in law
Legitimate interests: the processing is necessary for your legitimate interests or
the legitimate interests of a third party unless there is a good reason to protect
the individual’s personal data which overrides those legitimate interests.
Document Outline