Nalytics SARs for GP Practices

Using Nalytics SARs we have significantly reduced our time and effort spent responding to Subject Access Requests…Nalytics SARs is already proving to be an invaluable addition to our SAR response toolkit.

– Nij Basi, Information Governance Manager – Bradford Council

GDPR & GP Practices

Since GDPR came into effect, any individual can request access to the personal information your GP practice stores on them and learn how it’s being used.

These requests – called Subject Access Requests (SARs) – require to be completed within one month, to meet GDPR compliance.

Responding to Subject Access Requests can be a time and resource intensive process, as it’s usually done manually.

Nalytics Subject Access Request solution (SARs) significantly improves your process around responding on time to a Subject Access Request, making it easier, faster, and more cost-effective.

Consequences of Non-Compliance

Your GP practice will no doubt hold documentation around your Data Protection policies and procedures. However, does the person responsible for Data Protection (data controller), at your practice know exactly how to respond if a patient, or an organisation working on behalf of the individual, submits a SAR?

One widely publicised case involved a Hertfordshire GP surgery, fined £40,000 for disclosing sensitive information in a SAR response.

Being fined is bad enough, however failing to comply with Data Protection regulations could be extremely damaging to your surgery’s reputation.

Not sure where to start? Download our SAR White Paper and learn more about the challenges GP practices face completing a SAR response, how to overcome these, and effectively manage your SAR responses to meet compliance requirements with ease.

What makes Nalytics SARs different?

Locating & Redacting Personal Data Related to an Individual is Quick and Easy

Our solution allows you to quickly and easily search across your structured and unstructured documents, files, and emails to find the ‘Subject’s’ data, and automatically redact any third party PII (Personally Identifiable Information) which should not be disclosed. This not only includes Microsoft files, such as Word or Excel, but also emails and their attachments, text files, PDFs, and so on. Images and scanned documents can also be redacted.

Nalytics SARs significantly reduces your time spent searching for personal data and automatically redacts sensitive information which might be overlooked in a manual search.

Ensure Relevant Documents are Readily Available for Disclosure

Nalytics offers automatic redaction of sensitive or confidential information. Censor this information either within the proprietary document viewer or by redacting directly from a copy of the original source document.

Having the entire SAR process incorporated in one easy-to-use, wizard-driven platform dramatically speeds up our response process. Overall, this gives us the best chance of fulfilling our GDPR SAR compliance obligations.

– Sarah Blair, IT Director – Thorntons Law

Why Nalytics SARs?

• Improve & streamline your SAR response process
• Increase productivity and save time & money completing SAR responses.
• Easily meet your legal & compliance requirements, including the one-month GDPR response deadline.
• Reduced time spent identifying and reviewing all relevant records and redacting known PII data.
• Risk of manual error around including sensitive information/images is significantly reduced, as the entire SAR response process is automated.
• A fast, user-friendly, wizard-driven solution to manage your SAR response process.

The speed at which I can redact and check a document has definitely improved and allows for more attention to detail…Nalytics SARs has cut the time in half when working on multiple SARs.

– HR Officer – Bradford Council