GDPR Compliance at Athena Software

What is the GDPR?

The GDPR (General Data Protection Regulation) is a new EU Regulation that will replace the 1995 EU Data Protection Directive (DPD) to significantly enhance the protection of the personal data of EU citizens and increase the obligations on organisations that collect or process personal data. It will come into force on 25th May 2018.

To learn more about the GDPR you can visit this page.

 

Does the GDPR affect me?

While the current EU legislation (the 1995 EU Data Protection Directive) governs entities within the EU, the territorial scope of the GDPR is far wider: it will also apply to non-EU businesses that a) market their products to people in the EU or b) monitor the behavior of people in the EU.

In other words, even if you’re based outside of the EU but you control or process the data of EU citizens, the GDPR will apply to you.

Disclaimer: This page does not include any legal advice. It is designed to help you understand how Athena Software is addressing some of the legal issues under the new regulations.

What has Athena Software already done to ensure GDPR compliance?

 

We’ve taken an inventory

We’ve conducted an inventory, through the GDPR lens, of all our systems and the data they store. This has been a stepping stone to creating the rest of our GDPR compliance plan and understanding our third-party providers.

We’ve updated our Terms of Use and Privacy Policy

So what’s changed? Well, we’ve added some information that lets you know that Athena Software does not use personal data for profiling purposes, and we don’t collect data on children (aged 18 or less) without parental consent. The Policy now contains a more comprehensive statement on the transfer of data across borders. We also touch on what happens if you don’t provide personal data on our website. If you’d like to read it for yourself you can find our Terms of Use and Privacy Policy here.

We’ve updated our Breach Notification Policy

Athena Software has reviewed and updated our existing breach notification policy. Under HIPAA, we had already established a strong breach notification policy that we will now be deploying globally.

What else is Athena Software doing to ensure GDPR compliance?

 

We’re giving you some tools to be GDPR compliant

Under the GDPR you need to be able to do certain things. We’re creating some use case resources to help guide you through those processes in Penelope.

We’re considering subcontractors

Athena Software works with a few subcontractors. We are implementing an ongoing policy to ensure they adhere to the same high standards that we demand of our own organization.

We’re developing employee training

Employees of Athena Software will be given training around the new GDPR standards, in addition to their existing ISO and HIPAA training.

If you have any questions about how we’re handling the upcoming launch of the GDPR, we’d love to chat with you about it. Just send us an email at [email protected] with your questions and we’ll get back to you as soon as we can.
