GDPR Compliance for Clinicians

GDPR compliance is a legal requirement if you’re a Clinician in Private Practice and a requirement for practising privileges.
Let us take care of the implementation and legal documentation, and help safeguard you against data breaches and regulatory penalties.

Need help with GDPR Compliance?

  • Need to get GDPR compliant, but not really sure what that practically means, or how to go about it?

  • Confused about the legal jargon, and what you're supposed to put in your Privacy Notice?

  • Not sure what to do about email encryption, or just don't have the time or expertise to figure it out?

  • Suffered a data breach, and need help to sort it out, and get GDPR compliant? We're here to help.

The Ninja GDPR Compliance Clinic Can Help With...

  • Tailored Privacy Notice writing – a fundamental part of GDPR compliance

  • Email security and implementing the industry-leading Egress Switch encryption solution

  • Data security and technical assistance to ensure you are keeping patient data secure

  • Data backup (the GDPR expects certain types of data to be backed up)

  • GDPR compliance documentation

  • Data Flow Audit – which maps out usage and storage of your data

  • Privacy Notice

  • Data Breach Policy

  • Data Breach Log

  • Information Security Policy

  • Subject Access Request Policy

  • Website Cookies Policies and cookies alerts.

  • Advice on email marketing and the GDPR

What Does Getting GDPR Compliant Cost?

There are several elements to ensuring you are GDPR compliant. Usually you'll need all of them, but sometimes just a subset. Everyone’s environment is different – that’s why we offer a free consultation to discuss how we can help you. If we determine that all your systems are fully GDPR compliant, our GDPR audit and documentation process is £795.

If you're like most people we've worked with, you'll probably need some additional help to get your systems GDPR compliant. The scope of this can vary, but getting you fully GDPR compliant (including your systems, tech, GDPR audit and GDPR documentation) will typically cost between £1545 and £1795, sometimes less.

We're happy to provide a payment plan over a few months. We'll take care of everything, and you can get on with seeing patients, secure in the knowledge that you're fully compliant with the Data Protection Act (2018).

Contact us HERE or book a free GDPR compliance consultation and let us help you become fully GDPR compliant.


Jules at Private Practice Ninja was so patient and helpful with all things GDPR and techy! Let's be honest, I am a physiotherapist, not a specialist in GDPR and IT; this meant I turned to Jules to help me ensure my GDPR standards and patient privacy information is all up to the right standard.

Jules took his time helping me fully understand the process, even with my slow laptop it was never a trouble for Jules to wait patiently while he often would discuss ways in which I could improve my practice going forward with no pressure to do it all at once. It took me a while to get my head around it all but now I feel even more confident to manage my GDPR and online systems!

If you are a private practice or clinic that needs your GDPR and email systems brought up to scratch, I would not hesitate getting in touch with the team at Private Practice Ninja; they will put you on the right track for your private practice needs! Thank you, Jules, for being so helpful and friendly during this process, and I look forward to using your services in the future!

Amanda Hall

GDPR Compliance Documentation

  • We believe that becoming GDPR compliant means practically putting in place what the ICO demands of us, which often doesn’t happen when you only get great legal advice (from an expensive lawyer). What use is the advice if you don’t know how to practically implement it?

  • If you need your GDPR documentation to be fully taken care of (and likely you will), we'll write the following bespoke documents: Data Flow Audit, Information Security Policy, Privacy Notice, Data Breach Audit, Data Breach Log and Subject Access Request Policy. We’ll get it done and dusted and supply you with all the completed documents for £875. We believe this offers great value and true peace of mind (we’ve seen significantly higher prices quoted by non-clinical GDPR consultants, who don’t have private healthcare expertise). We’ll also walk you through all of the documentation and discuss what the ICO expects of you in situations such as a data breach.

  • Email. If you’re using free email providers – you are not GDPR compliant. Many paid-for providers aren’t truly GDPR compliant. Microsoft Office 365 is fully compliant. We can migrate your email to Office 365 – this is a one-time migration that we will take care of and that will not interrupt clinical time. 95% of the clinicians we have worked with in the last 18 months have needed email migrated in from non-GDPR-compliant email providers to the GDPR compliant Office 365. And they love the new modern platform! Costs generally start at £720 to set up Office 365 for your domain, migrate a couple of mailboxes and set up Outlook / provide training.

  • Email encryption. A must in Private Practice. Our solution, utilising very secure industry standard Egress technology, can automatically encrypt and decrypt your emails. Your email must first be migrated to, or already in, Office 365, as discussed in the point above. Guess what? Egress isn’t just about encryption. It’s much more powerful than that. It can easily help prevent a data breach in a very short amount of time. Again and again this has proved invaluable for our existing clients. Costs will depend on the number of mailboxes.

  • We’ll give you (and your staff) training on how to be confident in using Egress, so you can revoke access to incorrectly sent emails (everyone’s human, after all) or carry out a data-breach audit using Egress’ amazing auditing tools. Imagine being in clinic, and you’ve just sent an email to the wrong person. You'll have the confidence of knowing how you can revoke access to that email message, within seconds, rather than that panic moment of realisation that you’d just committed a major data breach by sending highly confidential information to the wrong person… Costs for this are included in the implementation of our Egress based solution.

  • Need a Cookies Policy for your Private Practice website? We’ve got it covered for £250 (plus a little more, if you need help to bring it into your WordPress website, or help with a Cookies Alert ‘pop-up’).
