Abstract
Introduction The General Data Protection Regulation (GDPR) is now at the core of data protection and provides more rights than ever before for individuals to control the data that is held about them, and holds organisations accountable.
Materials and methods Questionnaire-based knowledge audit consisting of 18 questions relating to GDPR, which was created and distributed to all staff at departmental audit meetings. The gold standard was set that all members of staff were required to pass the questionnaire, with the pass mark set at 14/18. This was followed by a tailored teaching session in conjunction with an online delivery element.
Results Cycle 1 was completed in December 2018; the pass rate was 1.6% (1/63) with a response rate of 87.5% (63/72). Scores ranged from 5-14 out of 18. Following dissemination of results, a tailored teaching session was conducted in conjunction with online learning. Cycle 2 was completed in February 2019; the pass rate was 83.9% (47/56) with a response rate of 77.7% (56/72). Scores ranged from 3-18 out of 18.
Conclusions Initially, staff knowledge of GDPR was inadequate. Staff knowledge improved with tailored teaching; however, knowledge and understanding of GDPR requires further improvement to meet the gold standard. Therefore, repeat cycles of tailored teaching and audit are planned. It is important that all staff have a good understanding and working knowledge of GDPR to ensure compliance in all areas of practice.
This is a preview of subscription content, access via your institution
Access options
Subscribe to this journal
Receive 24 print issues and online access
$259.00 per year
only $10.79 per issue
Buy this article
- Purchase on Springer Link
- Instant access to full article PDF
Prices may be subject to local taxes which are calculated during checkout
Similar content being viewed by others
References
Information Commissioner's Office. Guide to the General Data Protection Regulation (GDPR). 2018. Available at https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/711097/guide-to-the-general-data-protection-regulation-gdpr-1-0.pdf (accessed November 2019).
UK Government. Data Protection Act 2018. 2018. Available at http://www.legislation.gov.uk/ukpga/2018/12/pdfs/ukpga_20180012_en.pdf (accessed November 2019).
Information Commissioner's Office. Blog: Why special category personal data needs to be handled even more carefully. 2019. Available at https://ico.org.uk/about-the-ico/news-and-events/blog-why-special-category-personal-data-needs-to-be-handled-even-more-carefully/ (accessed November 2019).
Information Commissioner's Office. Your Data Matters. Available at https://ico.org.uk/your-data-matters/ (accessed November 2019).
Information Commissioner's Office. Personal Data Breaches. Available at https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/personal-data-breaches/ (accessed November 2019).
Scally G, Donaldson L J. The NHS's 50 anniversary. Clinical governance and the drive for quality improvement in the new NHS in England. BMJ 1998; 317: 61-65.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
No potential conflict of interest was reported by the authors.
Rights and permissions
About this article
Cite this article
Smyth, R., Parker, K. & Sharif, M. General Data Protection Regulation - are we up to date?. Br Dent J (2020). https://doi.org/10.1038/s41415-020-1844-8
Published:
DOI: https://doi.org/10.1038/s41415-020-1844-8