On May 25 2018, the new EU General Data Protection Regulation of the EU (GDPR) comes into effect. Personal data will become subject to new security regulations. What does this mean for you as an AMPAREX user?
1. Responsibility for personal data
After signing the offer to use AMPAREX Online, you will receive the access data to your AMPAREX system. Usually your AMPAREX database will contain no customer data in its delivery state and is therefore automatically GDPR compliant. When adding the first customer on AMPAREX you’re creating the personal data in the system and are therefore become responsible for the compliance with the GDPR rules. According to the GDPR rules you are solely responsible for your customer data.
2. Order processing
Since the data is not stored in your practice but in the AMPAREX computer centre, AMPAREX, as a service provider, is involved in the process of processing your data. Using the GDPR language AMPAREX is your data processing contractor. Therefore we’re obligated to comply with the GDPR regulations. Formally speaking signing an appropriate contract for data processing could be required.
We have prepared such a contract, describing AMPAREX services in more detail. In the attachment to the contract there is an overview of the technical and organizational measures we take to ensure your data is protected (server location, backup procedures, access control, etc.).
Please request your contract by e-mail sent at datenschutz@amparex.com.
You should analyse your processes with third-party companies for the eventual disclosure of data and ask the affected companies for GDPR compliance. Those could be:
- tax advisiors
- marketing agencies
- letter shops
- suppliers, when transferring customer data for orders or repairs
- SMS providers
- third party payers & accounting centers
3. Checklist
AMPAREX does not leave you alone with the GDPR regulations, but helps to provide you with the necessary tools for their implementation. Therefore, check whether you have already implemented the following points:
3.1. Start AMPAREX only with encrypted data transmission.
In the standard installation, AMPAREX always works with encrypted data transmission using HTTPS protocol (known, for example, from online banking). A connection with the unencrypted protocol HTTP is still possible. This protocol is needed to handle anti virus software and web proxy settings. However if this protocol is being set up for you, AMPAREX will prompt you that you’re still using it.
3.2. Data storage and advertising acceptance
Let your customers sign a data storage and advertising acceptance document. To ensure that you do not forget to do so, create a mandatory "Privacy statement" step in all your process templates and assign the document "Data protection declaration" from your document templates to this step. This template could be "Signo-Pad" capable (enabled for a digital signature). This process step programming is "intelligent"; you do not have to sign the declaration every time you start a new process. Once the customer has signed the declaration, this step will no longer appear.
3.3. Google synchronisation
If you use Google calendar synchronisation to display your appointments on your mobile phone, certain customer data from AMPAREX organiser might be transferred to Google, depending on your settings. We therefore recommend to switch to the alternative CalDAV synchronisation. With CalDAV, your smartphone syncs directly with your AMPAREX server/organiser.
3.4. Consent for data capture (acoustics)
New hearing aids have the ability to store real-life listening situations and later provide the audiologist with such data for evaluation. From a privacy point of view the consent of your customer might be necessary to log such data onto a hearing aid. Let us know if you wished to use the "Consent for data capture " template for your processes. This template could be also made "Signo-Pad" capable.
3.5. Possible order forms amendment
Transfer only anonymous customer data to third party companies as long as it’s possible. Especially when ordering the customer name is gladly handed over on order forms to be able to assign the goods to the right customer at the time of delivery. However, the data of your customer should not really be of any concern to your supplier. It should be in your own interest to prevent your supplier from building up a database of your customers. Please check all your order documents, whether the transfer of customer names is really necessary and replace the placeholders with the anonymous identifiers listed below.
3.5.1. Anonymised AMPAREX customer code
Even the customer number says something about the size of your customer base, every customer in AMPAREX has a unique anonymous code. It is a 9 digits code and consists of numbers and letters. You can find the code under the "Administration" tab on the main customer page.
3.5.2. Use anonymous placeholders in documents
Avoid adding customer data to documents you send to third parties. Instead use:
the anonymous customer code:
LibreOffice / AMPAREX placeholder name: <customer/customercode>
the customer number:
LibreOffice / AMPAREX wildcard name: <customer/customernumber>
the operation number:
LibreOffice / AMPAREX placeholder name: <process/number>
3.7. Anonymise Noah (Acoustics)
When receiving data from AMPAREX Noah expects the transfer of customer name, date of birth and address. This data is not required for hearing aid fitting. It is possible to use a chain setting to send only the anonymous customer code instead of the surname to Noah. If this option is activated, the address will not be transferred as well. To apply this setting please got to >>Branch office administration >>Safety >> Noah.
3.8. Right to be forgotten
According to the GDPR your customer has a right to be forgotten. Until now, you could set customers to "Deleted" in the database, but these customers could be still accessible via the customer search and the selection mail functionality. If you were asked to anonymise the customer, you will find the corresponding function in the "Extras" module on AMPAREX. Please note that the anonymisation does not delete the customer from the database. Such customers will no longer be found using the customer search or the selection mail function but legally relevant data such as transactions, offers, invoices will remain in the system so they can be audited by the authorities like the tax office. Instead of customer name a note "Anonymised on 09.05.2018" will appear.
