At Nutrium we've always been aware of the importance that surrounds personal data privacy and security, be it from nutrition professionals or their patients.
It's based on that data that our project is built and it's that informational core that allows us to provide you with a service known for its excellence.
With that in mind, we've started implementing, from an early stage, the General Data Protection Regulation (from now on GDPR) and we're happy to announce some news regarding your rights and your patients'.
From the beginning, we were always guided by a direct and transparent approach and now, in that spirit, we want to share the whole process with you. We invite you to read some of our next steps and ask you to follow us in our implementation plan.
What is GDPR?
GDPR is one of the most recent and ambitious Regulations of the European Parliament and the Council in the area of Data Protection, laying down rules which aim to give back the control over personal data to their rightful owners, the natural person.
As a result, a major number of companies processing personal data in the European Union, among other entities, must implement a group of new measures regarding the safety and management of the processing of that data.
In addition to these measures, full compliance with the new rights of the data subjects is also required, namely: the right to erasure (also known as “right to be forgotten”); the right to data portability; the right of access; among others.
You can check the English version of the Regulation here.
A privacy focused page
We are making sure that this policy is as transparent, clear and concise as possible so that you have easy and privileged access to your rights, to detailed information about the data we collect and share, to the privacy mechanisms at your disposal and your patients’, among many other information.
In addition, we've decided to concentrate all the information about the new implementations in a privacy focused page in our website, to be published soon.
Our Data Protection Officer
We've appointed a Data Protection Officer. It's of the utmost importance to Nutrium to ensure that all the steps we take towards GDPR compliance are audited and supervised by someone that's impartial, dedicated and committed to the protection of your personal data and your patients'.
It's our DPO's task to make sure your concerns are addressed, and your rights asserted. You can reach him at email@example.com.
Increasing our security measures
We're in the process of revising all our security infrastructure on the website, servers and App. We want to ensure not only the security and protection of the personal data in our servers but also in your practice.
Here are some of the measures being implemented:
- New password requirements
- New and more strict SSL certificates
- Implementation of inactivity periods
- Revision of all our service providers and subprocessors contracts
- Two-step verification
The implementation of GDPR as a transparent and continuous process
We believe that GDPR implementation is a continuous and constantly improving process.
But we want to go above and beyond conformity. It’s with this in mind that Nutrium pledges, from this day on, to keep improving in a continuous and uninterrupted way our privacy policies, general information, your personal data security and your rights. And we want you to join us on our journey!
Leave us your suggestions and check our blog regularly for other news and updates.
We want to help you complying with GDPR
While beneficial to all parties involved, GDPR can lead to some implementation difficulties. We are aware that professionals are also subjected to its requirements and we want to help you implement it in your practice.
It's with this in mind that we'll be writing an article explaining the broad lines of the Regulation and its repercussions to nutrition professionals.
In addition to that, we are working hard on modifying our platforms in order to provide you with some very useful tools such as pre-written informed consent statements for adults and the holders of parental responsibility over children under 13 years old, for you to download.
If you have any questions, please don't hesitate to contact us at firstname.lastname@example.org.