Information Law and Data Protection

Information law and Data Protection experts

Hempsons have decades of experience of advising on information law and data protection, and regularly advise NHS and other healthcare providers, third sector entities and tech start ups in the field. We advise on the full range of information governance issues, ranging from individual requests under the subject access and freedom of information regimes, ICO investigations and appeals through to ensuring information governance compliance in artificial intelligence-powered ‘big data’ analytics projects. Information governance issues often occur in connection with other legal issues and our information governance team has a multidisciplinary approach, working with our procurement, commercial and employment teams as appropriate.

Recent work in this area has included preparing clients for the transition to the GDPR regime and the Data Protection Act 2018, including a national programme of seminars on this issue.

Main areas of expertise

GDPR/DPA 2018 compliance
NHS Information governance compliance
Information sharing
Information access regimes (data subject access and Freedom of Information)
Data rights requests, complaints and claims
Information Commissioner investigations and appeals

Chris Alderson

partner
- Manchester
- information law, healthcare litigation
- c.alderson@hempsons.co.uk
- 0161 234 2448
View profile
Karen Dean

associate
- Manchester
- regulatory, private practitioners, healthcare litigation, healthcare
- k.dean@hempsons.co.uk
- 0161 234 2457
View profile
Philippa Doyle

partner & National Head of Advisory
- Harrogate
- healthcare advisory
- p.doyle@hempsons.co.uk
- 01423 724028
View profile
Mesha Kneen

solicitor
- Manchester
- Healthcare advisory
- m.kneen@hempsons.co.uk
- 0161 234 2501
View profile

Big Data, Health Data
10 October 2018
How to unlock the potential of health data within a compliant information governance framework.

Continue reading
Commercial secrets and the public sector
29 September 2020
Many commercial contracts have provisions on confidentiality. Many contracts include them as a matter of course, as they have become standard “boilerplates”

Continue reading
Data protection – getting it right
7 June 2017
Dentists across the UK will be all too familiar with the Data Protection Act 1998 (DPA) but possibly not yet accustomed to the EU’s General Data Protection Regulation (GDPR) which will apply from 25 May 2018. Notwithstanding Brexit, the UK government has indicated that it will implement the new regime.

Continue reading
Data protection – your obligations as a practice owner
26 September 2017
If you handle and process personal information about individuals, you have a legal obligation under the Data Protection Act 1998 (“the Act”) to protect that information.

Continue reading
Digital Newsbrief: Summer 2020
16 July 2020
Hempsons’ Digital Newsbrief, providing an update on a range of commercial and legal issues as well as a focus on current clients of Hempsons.

Continue reading
Fall-out of failure to look after data
13 September 2024
New Data Protection Fining Guidance has been published by The Information Commissioners Office. Philippa Doyle explains what this means for independent healthcare providers and offers some practical take-away tips.

Continue reading
Fit for purpose? What the NHS needs to know about big data and health technology
1 February 2020
Steps are now being taken centrally to adopt a co-ordinated approach to using NHS data and new technologies to unlock improvements in health care.

Continue reading
GDPR – are you ready?
10 November 2017
Keeping confidential information about staff and patients secure is a responsibility NHS organisations have taken seriously for a long time. But the requirements on them are about to increase. From May 2018, organisations will need to comply with the General Data Protection Regulation (GDPR), an EU regulation.

Continue reading
GDPR How it affects health and social care businesses
30 November 2017
Keeping confidential information about staff and patients secure is a responsibility businesses operating in the health and social care sectors have taken seriously for a long time. But the requirements are about to increase. From May 2018, organisations will need to comply with the General Data Protection Regulation (GDPR), an EU regulation.

Continue reading
Health start-ups: Online healthcare businesses – the data protection issues
26 June 2017
The way services are accessed has been transformed by the changes in technology over the past decade and these developments present exciting opportunities for transforming how healthcare can be delivered however, when seeking to develop new opportunities, it is essential to have a clear understanding on the law governing the use of data and ensure that these considerations are incorporated into any project from the outset.

Continue reading
Healthcare newsbrief: Winter 2017 edition now available
6 November 2017
Welcome to the winter edition of Hempsons’ Healthcare Newsbrief. Many of you will be reading this at the NHS Providers conference where many of the issues we are writing about – from moving towards digital records to the issues around moving to an accountable care organisation – will be either discussed or on the minds of delegates...

Continue reading
Hempsons’ Healthcare Newsbrief
15 October 2019
Welcome to our Autumn/Winter 2019/2020 edition of Hempsons’ Healthcare Newsbrief.

Continue reading
Hempsons’ Healthcare Newsbrief 2018
17 October 2018
Welcome to this autumn edition of Hempsons’ Healthcare Newsbrief. It has been a busy few months for the NHS in the legal system with some ground-breaking decisions on key areas such as withdrawing clinically-assisted nutrition and hydration, fitness to practice and procurement.

Continue reading
ICO guidance: handling worker health data
26 January 2024
The Information Commissioner’s Office (ICO) has published guidance on the handling of worker health data with the aim of providing advice and examples of good practice.

Continue reading
ICO tool kit for handling FOI requests
27 July 2020
The ICO has launched an online self assessment tool kit to help public authorities get back on track in handling FOI requests.

Continue reading
Is your dental practice ready for GDPR?
11 December 2017
The current law governing the use of personal data in the UK is the Data Protection Act 1998 (“DPA”). The law will change on 25 May 2018 when the European General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”) will come into effect.

Continue reading
Newsflash: Are you ready for the GDPR?
23 March 2017
The General Data Protection Regulation (‘GDPR’) comes into force on 25 May 2018 and is the largest overhaul of data protection since the 1998 Act.

Continue reading
Newsflash: Updated GMC Guidance on Confidentiality 2017
26 April 2017
On 25 April 2017, the updated GMC Guidance, Confidentiality: Good Practice in Handling Patient Information (“the Guidance”) comes into effect

Continue reading
Opt in, opt out, shake it all about?
20 June 2017
Charities have had something of a bumpy ride lately… and the bad news is that it’s not over yet. On top of increasing scrutiny of fundraising carried out by charities, data protection law and the Information Commissioner has now come to the fore with some big-name charities fined for data protection breaches.

Continue reading
What are your obligations with The General Data Protection Regulation (GDPR) – are you going to be ready?
21 November 2017
Certain types of personal data must be treated with particular care due to the sensitive nature of that personal data. This is of course common sense. ‘Health’ comes under what the ICO (Information Commissioner’s Office) calls the ‘special category’, making it a mandatory obligation to comply with the GDPR and more especially if you work in the health professional field.

Continue reading

Information Law and Data Protection

Information law and Data Protection experts

Main areas of expertise

Sectors

Services

PeopleView all

Chris Alderson

Karen Dean

Philippa Doyle

Mesha Kneen

NewsView all

Big Data, Health Data

Commercial secrets and the public sector

Data protection – getting it right

Data protection – your obligations as a practice owner

Digital Newsbrief: Summer 2020

Fall-out of failure to look after data

Fit for purpose? What the NHS needs to know about big data and health technology

GDPR – are you ready?

GDPR How it affects health and social care businesses

Health start-ups: Online healthcare businesses – the data protection issues

Healthcare newsbrief: Winter 2017 edition now available

Hempsons’ Healthcare Newsbrief

Hempsons’ Healthcare Newsbrief 2018

ICO guidance: handling worker health data

ICO tool kit for handling FOI requests

Is your dental practice ready for GDPR?

Newsflash: Are you ready for the GDPR?

Newsflash: Updated GMC Guidance on Confidentiality 2017

Opt in, opt out, shake it all about?

What are your obligations with The General Data Protection Regulation (GDPR) – are you going to be ready?