GDPR & FDNA
Our Commitment to You and the Protection of Your Data
We’re committed to helping our partners and users understand and prepare for the General Data Protection Regulation (GDPR). The GDPR is the most comprehensive EU data privacy law in decades and goes into effect on May 25, 2018.
Besides strengthening and standardizing user data privacy across the EU nations, it requires new or additional obligations on all organizations that handle EU citizens’ personal data, regardless of where the organizations themselves are located. On this page, we’ll explain our methods and plans to achieve GDPR compliance.
- Preparing for the GDPR
- Security Infrastructure Standards and Certifications
- Communications and Data Management Tools
- Stay Updated
The GDPR’s updated requirements are significant and our global team has been working diligently to bring FDNA’s product offerings and business practices in line before May 25, 2018. Measures to achieve this include:
- Continuing to invest in our security infrastructure
- Offering preference settings for communications management
- Clarifying communication consents within existing relationships
We’ll also continue to monitor the guidance around GDPR compliance from privacy-related regulatory bodies and will adjust our plans accordingly if it changes. We’ll provide you with regular updates along the way so that you’re always current.
Protecting our users’ privacy is extremely important to us. As a company entrusted with personal health information, we’ve set high standards for security. We are registered with SII-QCD as conforming to the international requirements of ISO/IEC 27001:2013, certificate number 86668, and continually update our employees to maintain HIPAA compliance.
FDNA has invested heavily in building robust security measures based on best industry standards to handle a variety of issues. In accordance with GDPR requirements around security incident notifications, FDNA will continue to meet its obligations and stay up to date with best practices.
If you’d like to learn more about FDNA’s security policies and procedures, please see the list of resources below. It provides detailed information on how we approach security.
To comply with the GDPR, we are creating several tools and processes.
Compliance-related tools include the following:
- Communications preferences: Change your personalized communication settings at any time.
- Profile deletion option: Request for FDNA to delete your personal information, such as name and email addresses, from FDNA’s system by emailing our data protection officer at firstname.lastname@example.org.
Fulfilling our privacy and data security commitments is important to us. So we’re glad to help you prepare for all the changes the GDPR brings. This page will be revised to reflect GDPR-related information as it becomes available. If you have any questions about how FDNA is working towards and maintaining compliance, we hope you’ll reach out to us.