GDPR
Consultancy
and Services
Home | What We Do |
GDPR
GDPR
As a company that has developed and hosts multiple databases across multiple specialties holding more than a million records worldwide - that contains clinical, personal and sensitive data - data protection and UK/EU GDPR compliance is at the forefront of Dendrite’s software and registry development and implementation processes.
Unique data analysis and reporting
Customer data protection requirements are frequently dependent on local data protection regulations and legislations, so Dendrite has very carefully selected a number of sub-contracted server hosts to ensure that they not only meet customer service requirements but also the legal requirements of UK and EU GDPR. Dendrite is currently able to provide sub-contracted server hosting services at the following:
- RedCentric (UK): For registries to be accessed within the NHS (over both HSCN and Internet)
- OVH (UK): For the implementation of International registries
- OVH (France): For the implementation of European registries
- RackSpace (USA): For the implementation of North American registries
- Spark Health (NZ): For the implementation of registries in New Zealand
All server hosts are Tier 3 providers, offering 24x7 monitored secure environments with stringent security processes (including firewall monitoring). Connections to all servers is 256-bit encrypted and/or via VPN. However, if customers wish to arrange their own registry server host, or would like us to sub-contract a server host in a different country, this can be accommodated.
Dendrite GDPR & Data Protection compliance
- ICO Registered - As required under the UK Data Protection Act (2018)
- Cyber Essentials Plus certified
- DSP Toolkit – Exceeds Expectations - As required by UK NHS digital to process UK NHS data
Included within the DSP Toolkit requirements, Dendrite are required to prove that requirements have been met in the following:
- Annual Independent penetration test of core Intellect web software
- Annual data protection training has been provided to, and passed by, all staff
- Appropriate security policies are in place and are reviewed annually
Dendrite Intellect Web Software
The security surrounding user logins is aligned to Industry data protection standards (including multi-factor authentication) and the security model built into the core Intellect web software ensures that records can only be accessed by those users so authorised. In addition, the inclusion of “user application flags” can be incorporated to limit the functions that each user is able to see.
GDPR Documentation
As defined by UK and EU GDPR, Dendrite are always a “Data Processor” for national registry implementations, and as a consequence mostly dependent on “Data Controllers” to provide the necessary documentation for their registries. However, Dendrite can provide assistance with this documentation and also providing various templates/examples:
- Data Processing Agreement
- Privacy Notice / Patient Information Letters (incorporating Subject Access Request and opt-out processes)
- Data Sharing Agreements
- Data Privacy Impact Assessment
- Data Flows Diagram
- Informed Consent forms
Would you like to know more?
Case Studies
News
Two distinguished members join Dendrite’s Scientific Advisory Board
Dendrite Clinical Systems has announced the appointment of two members to the company’s newly established Scientific Advisory Board – Sir Bruce Keogh (KBE FMedSci FRCS FRCP) and Professor Anthony Goldstone (CBE MA (Oxon) FRCP FRCPE FRCPath).
UzAMBS and Dendrite Clinical Systems to establish National Registry of Bariatric and Metabolic Surgery of Uzbekistan
The Association of Bariatric and Metabolic Surgeons of Uzbekistan (UzAMBS) and Dendrite Clinical Systems will establish a National Registry of Bariatric and Metabolic Surgery of Uzbekistan.
Dendrite and LumiThera initiate EUROLIGHT Registry Study to Evaluate Long-term Benefits of Photobiomodulation (PBM) Treatment using the Valeda® Light Delivery System in Patients with Dry Age-Related Macular Degeneration
Dendrite Clinical Systems and LumiThera have initiated the largest photobio-modulation (PBM) study ever conducted. The multi-center clinical registry, EUROLIGHT (European Union Registry Study) will enroll 500 to 1000 patients treated with with PBM.
What We Do
National and International Registries
As a recognised leading provider of clinical registries, we have an unparalleled track record of implementing over 200 major clinical registries for major research projects.
Clinical
Trials
Enabling powerful data capture, our clinical trial software can be designed to suit any clinical research or scenario from specific diseases to clinical procedures.
Real World Evidence
A specialist provider of clinical trials and registries, we have unique experience in the field of Real World Evidence studies.
Registry
Reports
We have extensive experience in publishing clinical database reports in collaboration with national and international clinical societies and hospitals.
GDPR Consultancy
GDPR Consultancy seamlessly guides our clients through the requirements and responsibilities of GDPR legislation.
Hospital
Systems
Enabling hospitals, departments, clinics and clinicians to create and manage their own databases to collect, analyse and report data.
MDT
The pioneering MDT Workflow software can be deployed across any specialty and allows the entire patient journey to be tracked within a single, secure system.
Data
Analysis
Our in-house data analysis team work to reveal and interpret key messages from your data through expert analysis.
ePROMS
The ePROMS software can automatically send a secure personalised PROMS questionnaire to patients to complete on their smart-device and the data returns automatically to the registry.
Medical Newspapers
Since 2009, we have designed and published over 20 specialist medical newspaper for numerous medical specialities and societies.