Kaiku Health stores and processes the personal health information of patients, so data privacy has been a top priority for us since day one. Finnish data privacy laws have always been fairly strict and comprehensive, especially regarding medical records. Therefore, as the EU-wide General Data Protection Regulation becomes enforceable on May 25th, we will be 100% in compliance with it. All the data that we collect has always been the property of our customers (in GDPR terms, the data controller), and this will not change.
From our perspective GDPR is mostly an effort in documentation, albeit a fairly large one, that ensures our compliance to data protection regulation in a standardised manner. Additionally, it provides us with way to demonstrate compliance to strict data privacy laws that is understood across the EU.
Rest assured that we have worked — and will be working — very hard to ensure that your personal data is safe and is not used for anything you have not agreed to. It is our goal to make GDPR compliance as easy as possible for our customers and we will help them in any way we can. We are also pleased that GDPR has raised global awareness of data privacy issues and we are happy to answer any questions you may have regarding our use of your personal data. Additional information on information security can also be found here.