Frequently Asked Questions

1. The purpose of the data sharing is to enable the sending of text messages to eligible patients.

2. Data will be retrieved via a secure connection to each practice’s clinical system.

To fill out the consent form please visit:
https://consent.mygp.com/asthma-programme/asthma-act-form/

As there is no “accreditation” of GDPR compliance, we can only advise that we have worked with our legal specialists, Data Protection Officer, and NHS England to ensure that iPLATO Healthcare are 100% GDPR compliant in line with legislation.

iPLATO meets all requirements for Data Protection and DS&P (Information Governance) and is trusted by customers across the UK to handle, securely 21.5 million clients.

Please see below the Data Sharing Agreements, Data Processing Agreement and Terms in place:

https://www.pcm.nhs.uk/pcm_tc.php

https://www.iplato.com/dpa.pdf

It is not necessary to collect express consent from clients to communicate with them. GDPR does not regulate communication with clients, instead it is about the legal basis to process an individual’s data and their rights. In the healthcare space, providers use their “public task” legal basis to process client data for the provision of healthcare. clients can then express their preferences not to be communicated via particular means and this is normally common practice in surgeries.

For more on how GDPR affects client messaging in the healthcare industry: https://mailchi.mp/8dda68c0a4ac/countdown-to-gdpr-4-things-you-need-to-know