GDPR Data Compliance and Practice Management Software
With GDPR approaching, it is important that your practice management system is compliant. It is also important to realise that even if you are using a compliant software system, how you handle the data is as important. A compliant software system does not ensure full compliance if your processes and procedures are bad. However, this article is about Blueprint. Blueprint burst onto the scene a couple of years ago and I know there are many hearing healthcare practices using the system.
I saw it at work several years ago in a Practice in Dublin and I was impressed with the ease of use and abilities it displayed. The chap who managed the Practice had nothing but good things about the system. Although I have never used the system, I have actually never heard a user speak ill of it. In this article, Henrik Nielsen, the President of Blueprint Solutions outlines what they have done in relation to GDPR, speaks about their compliance and answers the most frequently asked questions. If you are using another software system, I think the questions answered will serve as a template for your own questions to your OMS supplier. Over to Henrik.
Blueprint, GDPR and Frequently Asked Questions
We are now getting close to the date when the European Commission’s General Data Protection Regulation (GDPR) will take effect. Blueprint Solutions currently provides leading office management solutions for hearing healthcare providers in five EU countries, and as such is subject to the regulation.
Blueprint Solutions has been preparing for the regulation to take effect. In this brief article, I will address some of the common questions that we have received regarding GDPR, starting with the first and most pressing question: Is Blueprint Solutions in compliance with the regulation? The answer is YES. Here are some additional questions we have received from our clients.
Q: Where is my data hosted?
A: Data is stored in a secure datacenter in London, UK, which is managed by our infrastructure partner EveryCity. The datacenter provides the latest server and security technology and is ISO 27001 certified. More information about our datacenter and its security measures can be found here: https://everycity.co.uk
Q: What about backup?
A: Data is backed up both onsite at the datacenter, as well as at another secure site also in the UK. Blueprint Solutions retains hourly data backups for 24 hours and nightly data backups for 30 days. They are stored at multiple physical locations within the UK.
Q: Is my data encrypted when transmitted?
A: Yes, data is encrypted using 128 bit encryption.
Q: What data access controls are in place?
A: First of all, each user must have a unique user ID and a password. In addition, access can only be obtained through the Blueprint OMS application, and a unique access key is required to activate the application. In other words, access cannot be obtained through a web browser, as is the case with many other applications. Access to the system can also be restricted by IP address.
Q: What if I want a copy of my data?
A: As per our license agreement, your data is your property and is considered confidential. We can provide you with a complete, encrypted backup of your data within 1 business day of the request.
HIPAA Compliance
Since Blueprint Solutions is also providing office management solutions for hearing healthcare providers in the US, we are subject to, and in compliance with, the Health Insurance Portability and Accountability Act (HIPAA). There are similarities between the two regulations, and in many cases, the HIPAA regulation has more specific and stringent requirements.
It is also important to mention that some requirements rest specifically on the clinic, including data security on the PC level and obtaining patient consent for distinct purposes of processing. Consent must now be obtained separately from other written agreements, clearly presented and as easily revoked as given. Specific rules apply for children.
By Henrik Nielsen, President Blueprint Solutions
About Blueprint Solutions. Blueprint Solutions was established in 2005 and provides leading, cloud-based office management solutions specifically developed for the hearing healthcare field. Blueprint