Patients’ medical records contain highly sensitive information — which is why data protection regulations are suitably stringent. The Data Protection Act 1998 enforces regulations on all UK organisations and individuals classed as either data controllers or data processors. And the European-wide General Data Protection Regulation hits the statute books in May 2018 — bringing greater