GDPR and data protection

GDPR and data protection

It has been hard to escape GDPR.  The legislation came into force in May 2018 and introduced a sea-change in the way that we view and handle personal data. 

A&R has always had a robust data protection policy, but GDPR has given us the opportunity to review and enhance our practices to ensure that we are fully compliant with the new legislation.  Our staff are regularly trained on data handling and we have published an overview detailing all of our processes to ensure we are completely transparent.

Often in care home transactions, we receive personal data, particularly for staff and residents.  We always request that such information is anonymised.  When we send personal information out of the firm, it is encrypted, or password protected to safeguard its security.  We have in place a host of other measures to ensure that the data we handle is stored and retained appropriately and is safeguarded while being transmitted.

Care homes also handle vast amounts of personal data.  If you have not done so, it is vital that you review the types of personal data that you hold, ensure you are storing it in approved locations and that you do not hold it longer than is necessary.  Your staff must also be trained to comply with your policies and procedures.  Please see the Information Commissioner's Office website.

If you need advice on your data handling processes or policies, A&R have specialist data protection solicitors who can assist.  Please let us know if you would like someone to contact you

Care team contact details 

Jo Clark – 01273 403226 –

Doug Stewart – 01273 403238 –