This tool will help you assess your therapy practice's compliance with GDPR data protection requirements and provide actionable recommendations for improvement.
Written consent forms with clear explanations
Verbal consent only
Digital consent through secure platforms
No formal consent process
Mixed approach depending on situation
Password protection and encryption
Regular security updates and patches
Access controls and user permissions
Backup and recovery procedures
Basic password protection only
No specific security measures
Yes, comprehensive written plan with clear procedures
Yes, basic plan covering essential elements
Partial plan, needs improvement
No formal plan in place
Comprehensive training completed for all staff
Basic training provided to most staff
Limited training for key personnel only
No formal GDPR training provided