Pharmacy previously worked under the Data Protection Act 1998. This has been superseded by the Data Protection Act 2018. Many elements remain the same but there are some key changes.

Key changes of GDPR include:

• updated data protection principles and scope
• updated conditions for processing data
• new rules regarding consent
• specific legal responsibilities for organisations processing children’s data
• enhanced data subject rights
• new obligations for data controllers and processors
• addition of the accountability principle
• introduction of the Data Protection Officer
• greater powers for regulation and enforcement.