CONNECTEDLIFE’S DATA MANAGEMENT AND ASSURANCE
How User Data Is Managed
For our commitment and capability towards data protection, we are accredited with the Health Insurance Portability and Accountability Act (HIPAA) in the United States and the General Data Protection Regulation (GDPR) in Europe.
Find out more about our certifications below, and email us at firstname.lastname@example.org for data-related enquiries.
Data Protection Trustmark
ConnectedLife was awarded the Data Protection Trustmark (DPTM) certification by Singapore’s Infocomm Media Development Authority (IMDA) for its commitment and capability towards data protection. Receiving the DPTM means that we have a robust framework in place, and responsible practices that are up to standard with IMDA’s guidelines. Put simply, as a valued customer at ConnectedLife, you can be assured that your personal data is safe with us. Our employees are trained to protect and manage your data in accordance with the Personal Data Protection Act (PDPA).
The PDPA comprises various rules governing the collection, use, disclosure and care of personal data. It recognizes both the rights of individuals to protect their personal data, including rights of access and correction, and the needs of organisations to collect, use or disclose personal data for legitimate and reasonable purposes.
ConnectedLife’s data management and assurance ensures that all data is anonymised and information of users on our platform is never compromised.
HIPAA Seal of Compliance
HIPAA is made up of a set of regulatory standards governing the security, privacy, and integrity of sensitive healthcare data called protected health information (PHI). PHI is any individually identifiable healthcare-related information. ConnectedLife Health has completed Compliancy Group’s Implementation Program, adhering to the necessary regulatory standards outlined in the HIPAA Privacy Rule, Security Rule, Breach Notification Rule, Omnibus Rule, and HITECH. By working with Compliancy Group, which specializes in HIPAA training and compliance, we have been able to focus our efforts on reaching a stage of HIPAA compliance. Our continued efforts will go into maintaining our standards and ensuring our compliance requirements are continuously met.
General Data Protection Regulation
As a company, we are aware of our responsibilities under GDPR and have taken the following actions towards compliance:
Removed all pre-filled tick boxes for “opt-in” consent from our website.
Trained our staff to understand GDPR, and the key concepts of Privacy Impact Assessments, Privacy by Design, Transparency, Consent, Subject Access Requests and Responding to Data Breaches.
Established formal contracts so that all suppliers we use who handle data about our company are aware of their responsibilities under GDPR and comply as Data Processors.
Reviewed our Data Protection Policy to ensure we do not retain any data longer than is appropriate as a legal requirement.
Amended our internal processes and procedures to establish who has access to what data within our company, so as to minimize handling of sensitive personal data, and how long that data is retained.
Created a system for dealing with any Subject Access Requests that individuals may make related to the data we hold about them.
Established a process for undertaking regular Internal Audits that will include checking GDPR compliance.
Copyright 2020 ConnectedLife Health Pte Ltd