“We have required Versusconsulting’s expertise for an evaluation audit of our esthetic surgery practice compliance with the GDPR. The process started with a questionnaire in order to verify 160 points of compliance. The tool is very well designed, it is quick to use and the wording is easy to understand for the IT novices that we are. The auditor masters the GDPR perfectly. He has managed to guide us and illustrate the different challenges throughout practical examples, allowing us to understand them better. Although one point wasn’t relevant for us as the forget right doesn’t exist in medicine practice.
Afterwards, Versusconsulting made a feedback, detailing the recommendations coming out of the audit, and the 6 steps approach to get compliant. As we do not master the RGPD expertise, we realized that we needed to be supported to execute the action plan.
As we didn’t have any idea of the challenges and consequences of the GDPR, we did appreciate Versusconsulting’s structured, educational and quick approach. We received an audit file containing a very clear vision of our practices, potential risks and a hierarchization of the actions to be implemented.
In fact, we can already be compliant with the governance principle and accountability simply by formalizing a document on our personal data process policy. Then, after changing our patient software, we will take care of the external backup, obtaining consents and managing the process register. Two points could be easily solved thanks to the automated data process and consents management platform developed by Versusconsulting.
Even though our compliance procedure will lead to a time and financial investment, it will mostly helps us structure our practice and tools to ensure our patients a secure use of their personal data."
Doctor Philippe Saury
Plastic Surgeon - Villa Isabey