Scroll Top

Case study

HEALTHCARE

CUSTOMER

Our customer provides care to the elderly. Sometimes for a short while, sometimes longer, sometimes forever. Our customer runs fifteen locations and one rehabilitation center, all located in the northern province of Fryslân in the Netherlands. Our customer wants to be at the forefront of innovations in (elderly) care.

THE CHALLENGE

Our customer is obliged to comply with the EU General Data Protection Regulation (GDPR). Personal data, including medical information, are at the core of their daily operations and have to be protected at all times. The GDPR requires a number of registrations (such as keeping records of processing activities) and procedures (such as handling data-subject requests and responding to (suspected) data-breaches).

Our customer also needed a solution to help reduce the administrative burden of managing contracts and agreements, as well as consent, and to help put in place a solid procurement process. Additionally, our customer considers certifying against NEN 7510, which is the Dutch standard for information security for healthcare organisations and supersedes ISO 27001.

case-study healthcare

THE SOLUTION

Our customer chose GRC-Boxx primarily because of its support for GDPR compliance. However, it soon became obvious that GRC-Boxx would also have a positive effect on other processes, such as contract management and procurement. Being able to design and implement procedures on the fly, is a key strength of the solution!


Controls are supported by “evidence” in the form of documents uploaded in GRC-Boxx or links to other systems, registrations that need to be filled-in, and procedures that have to be followed. The entire organisation can be involved in the process, as tasks can be assigned as necessary, monitored by GRC-Boxx which sends reminders and triggers the appropriate escalations if necessary. Sustaining a high level of organizational involvement is necessary when in the process of becoming or staying compliant in regulated business environments.

GRC-Boxx offers additional functionality, like:

  • Single Sign-On (SSO) supporting a variety of means of authentication:
  • Flexible, customisable procedures
  • Full GDPR compliance, including a data-breach process
  • Incident management
  • Internal & external audit support
  • Supply-chain compliance (sending requests, collecting responses)
In addition to this, it is also possible to extend its functionality with your own process(es).
Request a presentation
Our website uses cookies from third-party services to improve your browsing experience.
Read more about this and how you can control cookies by clicking "Privacy Preferences".
Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in the form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.
Privacy Policy
You have read and agreed to our Privacy Notice. The link can be found in the footer area of this window.
Required
Tracking
We use Google Analytics to understand how visitors engage with our website . If you don’t want Google Analytics to be used in your browser, you can install the ‘Google Analytics Opt-Out Browser Add-On’, provided by Google.
Required
Google Maps
This website uses Google Maps to display our office address and provides directions to our offices from a location supplied. If you do not ask for directions, your location will not be tracked.
Privacy Notice