The two-year grace period ended on 25 May 2018, and the EU General Data Protection Regulation (EU GDPR) now applies fully in all Member States of the European Union. The regulation applies to all companies – including healthcare institutions. The patient data collected in these institutions are often special category data.

In order to meet the increased demands regarding the protection of this information, it is recommended to install a data protection management system. With the NEXUS / GDPR data protection toolbox, the four core tasks ensuing from the GDPR are there at a glance, in full at any time:

• Identify: Identification of processes and procedures for collecting and processing  personal data
• Manage: Form-based recording and structuring of all information about the personal data collected (e.g. purpose of recording, data subjects, processors etc.)
• Protect: Implementation, management and control of the data protection measures taken
• Report: Simple and fast generation of reports from the database

NEXUS / GDPR fully integrates with the NEXUS / CURATOR QM system and can be extended with the optional components data protection risk management, data protection audits and data protection training management.