03 October 2017
Worrying about Procuring with GDPR around the Corner?
When a healthcare organisation looks for a new supplier, there are many security checks that need to be achieved before the company can procure the product or services. With the uncertainty that GDPR brings, it can make these organisations wary of looking for new suppliers at present, as they could currently uphold satisfactory standards for security but this may not be the case when the GDPR takes effect.
Healthcare organisations do not need to worry when procuring live chat, as Click4Assistance’s Data Protection Office (DPO) is ensuring they are keeping up to date with any changes that will affect the use of live chat and advising on these to ensure the end user remains compliant.
Receiving Consent before Engaging
Buckinghamshire Citizens Advice Bureau already has something similar in place on their prechat form. A link is included to their data policy where the visitor can view further information before agreeing with the policy, once ticked the visitor can then enter a chat.
When the GDPR takes affect any additional information that the Bureau needs to disclose can be simply added to their data policy page and the pre-chat form can easily be amended to make it clear that by agreeing with the data policy, they are providing their consent for their information to be used in the manner outlined by the policy.
Simple contact capture forms will also need to be reassessed to ensure that they are feeding into a secure, compliant and robust back end system. The visitor will need to provide their consent along with their personal data. In a similar manner to the prechat form, smartContact forms are fully customisable, they can include a validation checkbox or a drop down where the individual can select that they give their consent, once completed the enquiry is sent to an assigned email address.
Right to Erasure
Visitors now have a right to be forgotten, if they renege their consent after the data has been processed, any chats they have had can be easily identified and removed from the system and therefore the servers, meaning no record of the chat or the visitor details will continue to exist within the Click4Assistance solution. IP addresses are now classed as identifiable personal data therefore records of it that may appear in visitor tracking, or set against a prospect can also be easily found and removed.
Organisations that will need to permanently remove their data on time specific basis can agree with Click4Assistance to set up an automatic purge, which will run every day. For example, companies wanting to eradicate data over a year old, the query will identify details that are a year and a day old, and permanently wipe them from the system and servers.
Live Chat Security
Click4Assistance is regulated by ICO and complies with the Data Protection Act 1998 and stringent regulations set out by FCA. Data is transmitted through the solution over https/SSL using SHA-256bit encryption. Our appointed DPO will ensure our chat solution will continue to conform with new data protection laws and advise our customers on how they can remain compliant when using the Click4Assistance chat box for website software.
Click4Assistance has been supplying live chat software for over 10 years to the healthcare industry, ensuring customers, such as BMI Healthcare, CWP NHS and The Priory Group’s use of live chat complies with data protection rules. For more information speak with our healthcare co-ordinator on 01268 524628 or email firstname.lastname@example.org.