Europrivacy: The European Data Protection Seal
 

How DPO as a Service helped MyC showcase compliance and win new customers

“We have managed to solve 100% of data privacy issues with GRC Solutions” – Dr Laurent Bonnardot, Cofounder and Chairman

About MyC

MyC is a powerful Cloud solution for managing medical services. Trusted by organisations across the globe, MyC’s module-based platform allows organisations to manage patient or employee health records, monitor patient satisfaction, spot trends in injuries, comply with regulations and monitor pharmacy stock levels. The platform’s ability to generate reports across a wide range of data points delivers real-world insights for their customers but requires strict monitoring from a data protection standpoint.

The issue

It was clear to MyC’s founders when starting up that data protection was going to be integral to the success of the platform. Global data protection compliance was at the forefront of MyC’s strategy, as the platform processes large amounts of sensitive personal data.

Initially, MyC did not have the internal competency nor the budget to afford the qualified team of data protection experts required to support with risk assessment, overseeing data processing activities and support with contracts, policies and procedures.

“The main issue was to make sure that we had the highest standards in terms of data protection and privacy, and for that we needed a partner who had the highest expertise in the domain – we cannot afford to learn through mistakes” – Dr Laurent Bonnardot, Cofounder and Chairman

The issue

MyC initially came to GRC Solutions for a DPIA and ISO 27001 certification support. They’ve now had DPO as a Service since April 2021, receiving:

  • A dedicated, qualified DPO with the availability and expertise they need
  • Accurate, commercial advice to progress the growth of MyC
  • Contract flexibility, depending on their needs
  • Support with creating their ROPA, policies, procedures and contracts

The outcome

“We managed to get more autonomy, we used to have weekly meetings and now it’s based on the demands we have, thanks to Dr Loredana who shared her knowledge and trained our people to handle basic requests” – Dr Laurent Bonnardot, Cofounder and Chairman

Now, having had DPO as a Service for 4 years, MyC have worked closely with their DPO to:

  • Win countless new customers thanks to their DPO joining customer calls to explain specifics of MyC’s data protection compliance
  • Assess secure services providers and enable them to work together by answering 1000s of compliance questions
  • Get ISO 27001 certification in less than 3 months
  • Implement a privacy by design approach, ensuring the platform can be adjusted to comply with varying data protection laws globally
  • Deliver training for their staff, enabling them to reduce the hours needed from GRC Solutions

“Through their support we always manage to find the best procedure to get green listed” – Dr Laurent Bonnardot, Cofounder and Chairman

Compliance and business goals should work together – not against each other

DPO as a Service
 

Designed and delivered by qualified data protection officers 

  • Expert guidance from a qualified DPO when you need it 
  • A tailored solution with your own dedicated DPO 
  • True independence to keep your data protection strategy on track 
  • Proactive risk management to identify risks before they become breaches
Get commercial and pragmatic advice now
 
Loading...