GDPR spending varies widely across NHS Trusts in UK

DataIQ News

NHS Trusts have so far spent more than £1m to get in shape for GDPR, although their outlay varies from over £100,000 to just £500, according to a new report.

Sia Partners recently claimed that FTSE 100 firms will, on average, spend £15m to achieve GDPR compliance but according to a new analysis by think tank Parliament Street, 46 different trusts have spent a total of £1,076,549, with staff training the main cost.

Luton & Dunstable Hospital Foundation Trust has made the biggest investment so far, at £111,200, with Lincolnshire Partnership NHS Foundation Trust also a big spender on £106,915.

They are followed by South Central Ambulance Service NHS Trust and St George’s University Hospitals NHS Foundation Trust which have both spent £95,000.

The lowest spender was the Royal Derby Hospital, spending a total of £500 on GDPR preparations, a figure matched by Goodmayes Hospital, although Goodmayes is spending an extra £70 a month on secure email systems to send patient records.

MHR Analytics senior vice-president Nick Felton said: “The incoming GDPR poses significant challenges to health trusts, which are tasked with managing highly confidential patient data and critical medical documents.

“This new legislation will increase pressure on hospitals to improve standards of data processing and introduce more stringent policies for managing information securely. It will also require trusts to develop blueprints for notification of privacy and data breaches."