LinnéFiler and GDPR
Introduction
LinnéFiler manages patient information for the benefit of the patient and clinic. The data involved is personal information of a sensitive nature and managing the information falls under the general data protection regulation (GDPR) or EU directive 95/94/EC. Fertsoft does not store or handle any patient data and has no servers with stored data. LinnéFiler is set up locally in a secure local network provided by the clinic IT provider.
Technical details
Database
LinnéFiler is a FileMaker product and the database is a FileMaker database. The database is password protected and is stored on a server in the clinics local network. No data ever leaves the server without the explicit instruction from the clinic.
To further secure the database LinnéFiler supports encryption of the database. The data is encrypted at rest to prevent access to databases not in use.
User profile groups
LinnéFiler supports different user groups to be set up at the clinic. The different groups can have different security settings to mask certain personal information. The user groups can have different rights to both information and functionality in LinnéFiler.
Login
Login can be managed by two methods:
- By username and password - A clinic administrator can add and manage users without knowing the passwords of users. Fertsoft generates login credentials on request.
- By single sign on – LinnéFiler supports Active Directory login managed by the clinic IT department. When authorized to login to the computer the LinnéFiler application automatically recognizes the credentials.
Communication security
All communication between the server and client computer is done within the confines of the clinic local area network. The network is provided by the clinic IT department and is required to be a secure network.
SSL encryption is used to enhance the security within the local area network.
Backup management
Backup of the LinnéFiler database is at a minimum made daily for up to seven (7) consecutive days. Fertsoft manages primary backup that is stored on a separate drive or in a particular folder. Secondary backup is the responsibility of the clinic IT provider and is generally made from the primary backup drive or by complete server backup.
Backups are encrypted at rest for increased security. All databases are password protected.
Tracing
All changes in the LinnéFiler database is traced and logged. An audit log is stored in a separate database but can be accessed through LinnéFiler. The log can be reviewed by Fertsoft on request.
Traceability is also possible for record viewing. Access logs showing who viewed what record and when the record was viewed can be chosen as a component. Logging can be set up and exported for review by clinic administration. Logs are exported to the server in XML, XLS or MER format.
System log
No personal information is stored in the general system log. Only technical entries will be found in the logs.
Preparedness
Fertsoft has a well-rehearsed routine for data restauration. Backups can be restored on the server within minutes. In the event of complete server failure, a secondary backup can be installed on a new server within hours.
GDPR rights and rules
Consent
Collecting consent to handle the patient couple’s data is the responsibility of the clinic if applicable. LinnéFiler supports storage of signed consents and ways to display that consent has been given for different process steps.
Right to information
LinnéFiler supports data exports in multiple formats including Excel. All data pertaining to the registered patient couple can be exported for review by the couple. LinnéFiler also supports printouts with information directly from the database for review.
Right to correction
All data in LinnéFiler can be edited either by the clinic personnel or by Fertsoft. How data corrections are managed is the responsibility of the individual clinic.
Right to be forgotten
Generally patient data falls under local legislation regarding storage of medical data. In many cases such data falls under processing categories specified by the directive prohibiting data to be completely removed. LinnéFiler supports data masking of records to limit the availability of the data to others than specific clinic personnel. If deletion is applicable a record can be completely removed by Fertsoft support staff on request. Backups containing the deleted data will be overwritten in 7 days with regards to primary backup, and secondary backup can be removed by the clinic IT department after backing up the overwritten primary backup.
Data portability
All data can be exported into several different formats. A complete patient record can easily be imported to LinnéFiler.
Breach notification
Fertsoft will notify the clinic of any suspected breach of security detected. The notification to the individual patient is the responsibility of the clinic.
Processing agreement
The Controller (clinic) has a responsibility to arrange a processing agreement with the Processor (Fertsoft) for processing personal data. Fertsoft can supply prearranged processing agreements covering the support and maintenance attributable to LinnéFiler. In some cases, the clinic IT provider should also be in such a contractual relationship as the data is stored and backed up by the IT provider.
Fertsoft and GDPR
Introduction
Fertsoft provides the product LinnéFiler. The delivery and maintenance of the product means managing personal data of our customer’s employees and in some cases patient database. Fertsoft manages the following types of personal data:
Type 1: Contact information for the clinic and clinic employees
Processed to enable contact and to manage support cases. Support sent to Fertsoft is registered in a digital support management system where the requester is registered with email, organization and, if relevant, name. Storage of contact information and support cases may be carried out by subcontractors to Fertsoft
Type 2: Name, signature and profession for the clinic’s employees
Processed to administer login information to the products supplied, and to enable functionality such as automatic signatures and logging of data changes in the same products. Data registered is stored on the server of the clinic.
Type 3: Patient data
Processed to enable support, maintenance and in applicable cases invoicing. Patient data never leaves the server of the clinic unless explicitly instructed. The Fertsoft does not store any patient data. Storage is the responsibility of the clinic or the clinicss IT provider. The clinic is responsible for ensuring that potentially relevant processing agreements exists between he clinic and the IT provider. Support and maintenance are generally preformed directly by Fertsoft but may be performed by a subcontractor or sub-consultant. If required, for processing of patient data, a personal confidentiality agreement shall be signed by the individual performing the processing.
Agreements
It is the responsibility of the individual customer to ensure that data processing agreements are in place. To help our customers, Fertsoft provides a standard data processing agreement that covers personal data in regards to business communication as well as support and maintenance.
Policies and documents
The Fertsoft information and security policy together with the statement of professional secrecy signed by each employee is the basis of our information security. Additional customer specific agreements can be and are used to supplement the in-house security procedures.
Sub-Processors
If a sub-processor is used for the management of customer data the sub processor is generally to sign a personal data sub processing agreement. The main sub processors and the data they are involved in managing is shown in the table below.
Supplier | Role in process | Type of data | Country/Adress | Sub-processing agreement |
WebPages NKLT | Storage of contact information to clinic staff | Contact information to clinic staff including name, phone number and email adress | Kålsängsgränd 10B
753 19 Uppsala Sweden | Yes |
Zendesk | Support platform provider | Contact information to clinic staff including name, phone number and email adress | 1019 Market St San Francisco, CA 94103
USA www.zendesk.com | No
End user agreement towards the clinic employee |
Microsoft | Email and digital platform provider | Contact information to clinic staff including name, phone number and email adress. | One Microsoft Way, Redmond, Washington, U.S | No
Data processing is part of general agreement and privacy statement |