Health, Wellness & Medical

A healthy data hygiene

Hospitals, health clinics, wellness centers and medical practices typically have a wealth of sensitive information. Some of this information is stored in secure IT systems, but some is not. This typically when you are in contact with patients and employees via e-mail. How can you keep track of all this sensitive data? And how do you ensure that it does not take up time from the patients?

Insurance cards, medical records og payment info

It’s no secret that confidentiality is key in healthcare. After working with a number of companies in the Health Service, we know that the sensitive data you have is typically:

  • Contact information
  • Medical record
  • Dental history
  • Insurance information
  • X-rays
  • Payment information
  • … and much more

Processing sensitive data requires great data discipline from the employees. The processing errors that are made within the healthcare industry when it comes to sensitive information are typically that you don’t actually know where the data is, you receive sensitive files unencrypted by mail, and you have copies of the same sensitive data lying around in several places.

How we can help you

Use case for Apotekernes A.m.b.a.

Apotekernes A.m.b.a. recognized the need to gain control over sensitive personal data in their email system – particularly CPR numbers that might be hidden in old threads and attachments. Although it wasn’t an acute issue, they chose to act proactively. After being introduced to DataMapper, they adopted the solution to gain better insight and bring structure to their daily routines. With DataMapper, Apotekernes A.m.b.a. has gained:

Simple workflows where employees clean up themselves
Increased data awareness across the entire organization
Peace of mind knowing GDPR-related content is continuously monitored

Peter from Apotekernes A.m.b.a. tells their story

Peter Jørgensen
Finance and IT Manager at Apotekernes A.m.b.a.
LinkedIn profile

A Simple Solution for Identifying GDPR Data
At Apotekernes A.m.b.a., we had long suspected that sensitive personal data might be stored in our email inboxes — particularly CPR numbers hidden in old threads or attachments. Although it wasn’t an urgent issue, we could almost deduce that it posed a potential risk that needed to be taken seriously. When we were introduced to DataMapper, we quickly saw that it could be the right solution for our needs — an easy way to identify GDPR-related content without manually combing through everything.

Systematic and User-Friendly Review
We use DataMapper by having our employees log in a couple of times a month to review their current status. If emails with sensitive content are identified, the user is asked to take action — either clean up or document the necessity. It’s a simple workflow that helps ensure compliance without causing unnecessary disruptions in a busy workday. The automated detection saves us time and gives us peace of mind knowing we are continuously in control of the data in our email environment.

Raising Awareness Around Data Responsibility
While we haven’t seen a direct impact on our overall workflows or business growth, DataMapper still contributes something valuable — increased awareness and structure regarding how we handle personal data. Encouraging employees to become more conscious of the information they hold, and ensuring there’s continuous follow-up, is in itself a meaningful gain for an organisation like ours.

We use DataMapper by having our employees log in a couple of times a month to review their current status. If emails with sensitive content are identified, the user is asked to take action — either clean up or document the necessity.

A Relevant Tool – and a Positive Experience
DataMapper is especially useful as a tool for identifying sensitive emails and supporting internal GDPR awareness. It’s easy to get started with and works well in practice — even though we’ve encountered a few false positives. The price might seem a bit high to some, but weighed against the risk of lacking insight, it’s a good and relevant product. Our collaboration with Safe Online has also been smooth throughout — we’ve experienced a good dialogue and a professional approach from their side.

Results and savings for Apoterkernes A.m.b.a.

840.000

Risk documents, emails and images found in the company’s storage.

58.800

Risk documents, emails and images found in the company’s storage.

550

Hours of work saved per year by the company.

We develop tools to manage sensitive data