Other issues

Other issues

Privacy

Some data can be sensitive in regard to privay. For example, social security numbers are directly identifiable. Patient numbers combined with surgery date and zip code, can be indirectly identifiable. We, however, are not collecting direct or indirect personal identifiable information (PII).

Anonymization

For anonymization purposes, connections between e-mail addresses, Usernames and Passwords are not stored. Nor personal information (e.g., age, gender, city) is asked or stored.

User Data Protection and Security

All the Amazon services that we use for our tools SnApp are certified ISO 27001 (Security Management Standard), ISO 27017 (Cloud Specific Controls) and ISO 27018 (Personal Data Protection). These certifications ensure a very good level of data protection and security. In addition to these certifications, Amazon also allows us to select a specific location (data center) where the entire infrastructure will be located. For the moment this is Ireland. This allows us to ensure that all the data is located within the European Union as per EU regulations. At the application level, we have separate applications for users and administrators and separate Application Programming Interfaces. This makes the authorization process very simple which is good for security.

User rights

All data stored at the server of CS will remain property of CS without any time restriction. A copy of the collected data (responses collected with the tools) and the estimated values are freely available to the customer of a study. See also ‘Terms of Use’.

Terms of use

The terms and conditions for using the HealthFan and the HealthSnApp and its instruments is an implicit text field which can be associated to any newly created instrument. This means that, whenever the local legislation requires it, the conditions can be altered for a specific instrument or study. Therefore, multi-language is an option too. Yet, an English Terms of Use will be the standard.