Tag Archives: STRATO

Strato release 2.3.2 | GDPR Overview & Permissions | Managing Client Consent | New features

With this release version 2.3.2, Strato is now fully compliant with the GDPR regulation and privacy for everyone within EU. 

Strato functionality complies with all the key GDPR concepts:

  • Right to Access – clients are entitled to obtain information on the use of their data and the purpose of its use
  • Right to be forgotten – clients can request for their personal data to be erased
  • Data Portability – clients can request for their personal data to be transferred to them in a structured, commonly used and machine-readable format
  • Privacy by Design – Strato is designed and built so data is inherently protected

You can read more on GDPR by visiting eugdpr.org

Strato is upgraded with several new features:

The new Strato version 2.3.2 will be NOAH 4.9 compatible and Strato will automatically update NOAH to v. 4.9 when installing or updating Strato. GDPR related permissions you will find in one place, and Strato also provides you with an easy way to collect client’s consent which you may require to process or transfer their data:

  • NOAH Compliance
  • GDPR Overview
  • GDPR Permissions
  • Managing Client Consent
  • Exporting Client Data
  • Client Data Reports
  • Erasing Clients
  • Erasing Users
  • User Data Report
  • Exporting User Data
  • … and other improvement

GDPRYou can read more about the 2.3.2 release here: Strato What’s New

strato what's new 2.3.2

 

 

 

 

 

 

 

 

 

When is it released?

Strato will be updated on May 22nd at 20:00 GMT+1 (Denmark) – 19:00 GMT (UK). Downtime is expected to be a maximum of 6 hours.

When logging into Strato on May 23rd users will automatically be prompted to update their Strato installation.

Strato and GDPR Compliance

The European Commission’s General Data Protection Regulation (GDPR) will take effect at the end of this month. Auditdata provides Audiology office management solutions for both public and private hearing healthcare providers in many EU countries, and as such is subject to the GDPR.
We have been preparing for some time in preparation for the regulation to take effect. In this article, we will address some of the common questions that customers have asked us. For us, the most significant question and the information we want to get across is that all of our office systems are fully compliant with the regulation.

Auditdata, an ISO 27001 Certified Company

In fact, Auditdata is an ISO 27001 certified company and therefore is ideally placed to meet the demands of GDPR and general Data Privacy Compliance Regulation. In this article we will deal with Strato, our easy to use office management system designed for private practice.

Where is my data hosted?

We store our European based client data in a secure data centre in Ireland, which is managed by our infrastructure partner Microsoft. The data centre provides the latest server and security technology and is ISO 27001 certified.

What about backup?

All Strato data is securely backed up, and we can deliver details of backups and security protocols upon request.

Is my data encrypted when transmitted?

Yes, data transferred over internet is encrypted.

What data access controls are in place?

We take data access seriously at Auditdata; firstly, you can only obtain access to Strato data through the Strato OMS Application. A unique Licence key is needed to ensure the connection between the application and the cloud-server; finally, each user must have a unique user ID and a password to access the system.
We also limit access to data within the system with user roles which provide different levels of data access. It means that a receptionist can have access to scheduling without full visibility of clinical details.

What about Privacy Breach Detection

We have security systems in place that monitor and inform us of any attempted data access. We will report any privacy breach within one working day.

What if I want a copy of my data?

As per our license agreement, your data is your property and is considered confidential. Through Strato user interface you have possibility to export your data.

What about Data Portability?

We have separated data within Strato into three specific areas, personal identifier data such as name, date of birth etc., Noah Data and finally any documents you may have added to a Patient record. You can export one or all of these data records depending on the request.

What about Right to Access?

We have designed a right to access feature within Strato that allows an on-screen visualisation of all of the data held against a Patient record. This feature will let you visually show any Patient all of the data you keep about them.

What about Gaining Consent?

We have designed a consent manager feature within Strato that is populated with typical consent paragraphs needed within a Practice. However, because each market is different, you can also setup and customise your own consent paragraphs. Using this system within Strato will ensure that you never undertake any marketing or communication activities that a customer has not consented to.

What about Third Party Sharing?

We have GDPR compliant contracts and processes in place with any third party sub data processors we deal with. Details are available on demand.

GDPR is More Than Software

It is essential that you realise that even if you are using a GDPR compliant software system to handle Patient data, that does not mean that you are GDPR compliant. It means that your office management system is technically compliant, the onus is on you to institute processes and procedures to ensure that the way you use the software and how you share information within your organisation and with third parties is compliant.

If you have any questions on this matter, contact Sheraz Javed at sheraz@auditdata.com and for any other Strato matters, contact Morten Sandahl Sørensen at morten@auditdata.com