As I’m sure you’re aware, the new rules on General Data Protection Regulation (GDPR) will be coming into effect from 25 May 2018.
Under GDPR, healthcare providers are classified as ‘data controllers’ and as such there are some requirements that you will need to be aware of. The NHS Digital website is a particularly helpful resource on the topic.
To help support you with GDPR requirements, we’re making changes to the way that iaptus records and manages consent within the patient registration form. More information about GDPR-related changes to iaptus will be announced shortly but if you have any questions or comments in the meantime, please get in touch with your account manager or raise a support log.
The team at Mayden has also been working hard to review the GDPR regulations, and we can confirm that all areas of our business are GDPR compliant. We have the appropriate technical and organisational measures in place to comply with the requirements of Article 32 of the GDPR, as well as being ISO27001:2013 certified, and 100% compliant with Level 3 of the HSCIC IG Toolkit version 14.1. We will soon issue new contracts which have been amended to reflect the changes in GDPR legislation.
If you have any questions at all about Mayden’s compliance, please feel free to contact us for more information.