Compliance

The type and amount of personal data you may process depends on the reason you’re processing it (legal reason used) and what you want to do with it. The BlueCloud Network respects several key rules, including but not limited to EU General Data Protection Regulation (GDPR):

  • The BlueCloud Network collects and stores personal information and limited data sets, in a lawful and transparent manner, ensuring fairness towards the individuals  and ensuring personal data with lawfulness, fairness and completed transparency.
  • BlueCloud data is not processed by our organization, instead, any and all data is owned by the individual who are empowered to then use their own BlueCloud Networking tools to allow access to third parties who furthermore must indicate to the data owner the  purpose when sharing their own personal data. BlueCloud does not collect or store data simply for undefined purposes but for explicit purposes which the data owner may find it suitable to store their data for their own personal use.
  • The BlueCloud Network only maintains personal data that is necessary to fulfill a specific purpose (‘data minimisation’).
  • Even though the BlueCloud Network members are responsible for ensuring  their own personal data is accurate and up-to-date, having regard to the purposes for which it’s processed, the BlueCloud Network proactively provides members with the proper tools to  help our members correct if not accurate (‘accuracy’).
  • The BlueCloud Network does not use personal data for any other purposes that are not compatible with the original purpose of collection by the data owner.
  • The BlueCloud Network ensures our members that personal data is stored for no longer than necessary for the purposes for which it was collected (‘storage limitation’).
  • The BlueCloud network has proactively installed the  appropriate technical and organisational safeguards that ensure the security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technology (‘integrity and confidentiality’).

 

HealthCarePoint follows an array of compliance guidelines including the document 21 CFR Part 11; Electronic Records; Electronic Signatures, Maintenance of Electronic Records “Draft Guidance For Industry” prepared under the aegis of the Office of Enforcement by the FDA Part 11 Compliance Committee. The committee is composed of representatives from each center within the Food and Drug Administration, the Office Counsel and the Office of Regulatory Affairs.

SUMMARY: A secure, reliable environment that maintains hosting, physical security, logical security via vXCHNG -SSAE-16-SOCI certified hosting facility. Renewable disaster recovery plans and redundant back up processes are in place. Additional redundant processes and infrastructures can be added on a case by case basis. Agile software methodology processes is used when creating new software and technology improvements. Whenever required, each separate HealthCarePoint’s networking vehicle can adapt independently to an array of electronic signature requirements as per a series of continuously virtually and locally audited and proprietary Standard Operating Procedures (SOPs). Using proper channels and proper procedures, SOPs can be demonstrated to VIP industry auditors which require such virtual and on-site proof of vendor audits. HealthCarePoint’s proprietary networking software is and will continue to be created in-house to minimize the risk of infiltration which is tested via third party tools and testing technologies. HealthCarePoint’s Primary Engines and Networking Systems are not created using open-source technologies.