Define the following terms as used in The Data Protection Act 1998:

a) Sensitive Personal Data
b) Data Controller
c) Data Subject

State how long patent records should be kept and explain why they have to be kept for this length of time

ANSWER

a) Is defined as personal data consisting of information, including opinion as to the data subject’s physical or mental health or condition.
o E.g. PMR

b) Is defined in the Act as the person who decides how and for what purposes the personal data is going to be processed

c) Is defined in the Act as the person to whom the data relates


- If PMR is just used for dispensing process there is no use of keeping it for more than a year
- If PMR constitutes the record of POMs supplied instead of a register, then it needs to be kept for 2 years after the entry
- If CD records become electronic, then same time frame will apply
- If PMR used for records of private prescriptions, with no hard copy register, then 7 years is needed for VAT purposes.


What action would you take if a patient requested that you delete their records
from your PMR system?

i tired Dale and Appelbe’s Pharmacy Law and Ethics but can not find my answer please if there is any mistakes in my answer correct me thanks