What is GDPR?
On 25 May 2018, new rules and legislation regarding the collection, storage and processing of personal information with regards to individuals in the EU, the General Data Protection Regulation (GDPR), will come into effect. The GDPR is designed to strengthen and unify data protection.
With respect to organisations and individuals outside of the EU, any company that handles or is responsible for EU residents’ personal data, regardless of their global location, is, in turn, obligated to secure this data in accordance with the GDPR.
According to the regulation, the GDPR provides the following rights* to individuals over their personal data:
- The right to be informed
- The right of access
- The right of rectification
- The right to erase
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision-making and profiling
*For more information, visit the Information Commissioners Office (ICO)
Our Commitment to GDPR Implementation
We are well aware of the importance and the urgency of data protection and privacy. With that, we are also aware of our role and responsibility to customers, business partners, vendors and to our company employees around the globe to provide the tools and processes necessary to administer and support the GDPR.
We recognise that the GDPR will, in turn, help our organisation move forward and keep pace with not only stringent industry standard, but also align ourselves with the now high-level protection of our customer, vendor and employee data.
At Medatech, we take pride in our longstanding tradition of honouring and respecting our user/customer and employee rights to data privacy and protection. To that end, we are currently undergoing a thorough preparation process to fully comply with the GDPR, with respect to our product development, marketing, sales and distribution.
How is Medatech Preparing for GDPR?
We fully understand its obligation to help users, partners and employees get ready for GDPR implementation. We have carefully reviewed the GDPR requirements and are overseeing/ managing our GDPR initiatives, which include, but are not limited to:
- Personal data – Define/identify personal data and document this data, including the various data sources, where applicable, as part of the overall GDPR compliance plan.
- Data visibility – It is important to maintain stringent rules and regulations for data collection. Priority Software is currently assessing the best possible data collection methods, refining current processes and workflows so that each complies with the GDPR.
- Data security – We are currently making concerted efforts to keep in line with our customers own data security procedures. We are, in turn, tailoring our own internal processes by assessing and applying, now and in the future, various IT standards and procedures that will help broaden our customers’ data security.
- Data transfer – GDPR gives users the right to either receive all data provided and processed by the controller/organization or transfer said data to another controller. We are therefore working on further enhancing our data export capabilities, so that we will be able to export data on an individual user level, if deemed necessary.
Customer Support through the Transition to GDPR
To cover the requirements of the new legislation, we have developed functionality to help you comply with this new law.
It is a plugin that will be available for you to review in the next few weeks. We are currently writing up the documentation and making the finishing touches. The plugin will allow you to flag any data from limited lists in tables (such as date of birth, phone numbers, addresses etc.). This will allow you to control which fields will be filtered by the plugin. Once you’re happy with your field selection, you’ll have to specify what date to go by and the procedure will replace the data with an ‘X’.
The plugin works with all version of Priority, so you don’t need to worry about upgrading (however we do strongly recommend that you are on the latest version). It does have a cost implication for a quote please contact firstname.lastname@example.org
We invite all Medatech customers to contact us with any and all questions and concerns regarding GDPR compliance.