GDPR (archived October 2017)

Essential guide

The General Data Protection Regulation (GDPR) is European Legislation which comes into force on 25 May 2018. It will apply to all organisations across the EU who are "controllers" or "processors" of personal data. This will include hospitals, GP practices, community pharmacies, universities and organisations engaged in research.

Why should I know about GDPR?



Whether you are involved in helping to prepare the organisation you work for to be ready or whether you will be involved in collecting or using the personal data of your patients once GDPR comes into force, having an understanding of GDPR will be useful to you.

Sections on this page

  • What does GDPR do?
  • Accountability
  • Basis for processing data
  • Additional consent requirements
  • New definitions
  • What this means for me in practice?
  • What resources are available to support implementation?
  • Brexit
  • Non-compliance

  Member only content

Become a Royal Pharmaceutical Society member to view this content.