Blog

Blueprint OMS and the General Data Protection Regulation (GDPR)

March 29, 2018
|

We are now getting close to the date when the European Commission’s General Data Protection Regulation (GDPR) will take effect. Blueprint Solutions currently provides leading office management solutions for hearing healthcare providers in five EU countries, and as such is subject to the regulation.

Blueprint Solutions has been preparing for the regulation to take effect. In this brief post, I will address some of the common questions that we have received regarding GDPR, starting with the first and most pressing question: Is Blueprint Solutions in compliance with the regulation? The answer is YES. Here are some additional questions we have received from our clients.

Q: Where is my data hosted?
A: Data for European based clients is stored in a secure data center in London, UK, which is managed by our infrastructure partner EveryCity. The data center provides the latest server and security technology and is ISO 27001 certified. More information about our data center and its security measures, can be found here: https://everycity.co.uk

Q: What about backup?
A: Data is backed up both onsite at the data center, as well as at another secure site also in the UK. Blueprint Solutions retains hourly data backups for 24 hours and nightly data backups for 30 days. They are stored at multiple physical locations within the UK.

Q: Is my data encrypted when transmitted?
A: Yes, data is encrypted using 128 bit encryption.

Q: What data access controls are in place?
A: First of all, each user must have a unique user ID and a password. In addition, access can only be obtained through the Blueprint OMS application, and a unique access key is required to activate the application. In other words, access cannot be obtained through a web browser, as is the case with many other applications. Access to the system can also be restricted by IP address.

Q: What if I want a copy of my data?
A: As per our license agreement, your data is your property and is considered confidential. We can provide you a complete, encrypted backup of your data within 1 business day of the request. 

Since Blueprint Solutions is also providing office management solutions for hearing healthcare providers in the US, we are subject to, and in compliance with, the Health Insurance Portability and Accountability Act (HIPAA). There are similarities between the two regulations, and in many cases the HIPAA regulation has more specific and stringent requirements.

It is also important to mention that some requirements rest specifically on the clinic, including data security on the PC level and obtaining patient consent for distinct purposes of processing. Consent must now be obtained separately from other written agreements, clearly presented and as easily revoked as given. Specific rules apply for children.

For questions or comments, please contact Henrik Nielsen at henrik@blueprintsolutions.us.                     

Posted in: Blog
Related Articles

ESCO Continuation of Care Form

March 13, 2024 | Leah Wosje

Blueprint Solutions / ESCO integration Bringing loyal patients back to the office is a critical part of any...

Read More

New Features and Enhancements in v4.6

February 16, 2024 | Tashia Mackenzie

In this article: Integration with QuickBooks Online Apply a Return Charge as a Percentage of the Line Item...

Read More

Save time and energy with our MedPB integration!

February 16, 2024 | Bridget Fritzke

Save both time and energy with the integration options available through Blueprint OMS and MedPB. Any leads that...

Read More
No comments
Leave Comment

account_box