Recertification 2019 in progress 

Recertification: 08/2016

StatConsult, Gesellschaft für klinische und Versorgungsforschung mbH, proved that its IT-based service Haemoassist® 2 complies with EU data protection law. Haemoassist® 2 is a smart-phone based therapy management application for haemophilia patients and their physicians. It consists of an electronic patient diary (application) in interaction with a web based monitoring-interface for the attending physicians. Patients may not only use Haemoassist via the smartphone app, but also via a dedicated web interface. Patients and their physicians can be sure that processing of personal data –based on patient’s freely given declaration of consent - is in line with the demanding provisions of EU data protection law.

Image

Disclaimer:

This register is kept with the utmost care. However, EuroPriSe does NOT guarantee the accuracy of information found on the Site. Your reliance on information found on the Site is at your own risk. For more information please go to EuroPriSe Terms & Conditions.

Image

European Privacy Seal for Haemoassist® 2

Product/Version

Haemoassist® 2 (v2.4)

Function as provided in August 2016

Qualification: IT-based service

View the Haemoassist® 2 Certificate

Cert. No.

EP-S-R797FS

Validity

12/08/2016 - 31/08/2018

Initial Certification: 08/10/2014

Monitoring

04/2017 (O.K.)

12/2017 (O.K.)

Public report

Recert2016: Haemoassist® 2 (v2.4) Short Public Report [PDF] Image 

Haemoassist® 2 Short Public Report[PDF] Image

Manufacturer/Provider

StatConsult
Gesellschaft für klinische und Versorgungsforschung mbH
Halberstädter Straße 40a
39112 Magdeburg
Germany

BEST

The Haemoassist® 2 IT-based service uses only pseudonymised data: Instead of the patient´s name, a specific ID is stored in the database of the service. The correlation of the patient´s name to this ID is only known to the patient and his/her physician.

ATTENTION:

Patients and physicians should pay special attention to privacy related issues of their IT systems (smart-phones, clients, etc.), as these items do not form part of the ToE.

Summary

The Haemoassist® 2 service compiles and stores data from patients and physicians that concerns the type of therapy and the development of the medical condition. This data is stored on the patients’ smartphones and in the central database. Instead of the patient´s name, a specific ID is stored in the database of the service.   

Details

Recert 2016

A new technical functionality was implemented for patients: They can now access the IT based-service not only via the already known smartphone app, but also via a new web interface which is secured by login + password and TANs. The (re-)evaluation of the EuroPriSe Experts concluded that this web interface as well as all other relevant components of Haemoassist® 2 (still) meet all applicable legal and technical EuroPriSe requirements (for details, please cf. the current version of the Short Public Report).

Initial Cert

Haemoassist® 2 is a smart-phone based therapy management application for haemophilia patients and their physicians. It consists of an electronic patient diary (application) in interaction with a web based monitoring-interface for the attending physicians.

The target of evaluation consists of the following components:

  • Provisioning of the electronic patient diary as well as the portal for physicians
  • The user registration process
  • All IT systems necessary for providing the electronic patient diary and the browser based application portal
  • Relevant contractual clauses

Excluded from the target of evaluation are the following components:

  • IT systems (clients) used by doctors and the smartphones that are used by patients to gain access to the Haemoassist® 2 service
  • Networks or active network components and further IT systems used to transfer or handle data 

Every patient automatically receives a “welcome package” from his/her physician describing the Haemoassist® 2 service in detail before he/she can download and use the Haemoassist® 2 app. The declaration of consent form for patients is part of this “welcome package”.

The Haemoassist® 2 service is limited to EU-member states and ist IT servers are located in Germany. The storage of personal data takes place only in Germany, but the Haemoassist® 2 service can also be used by patients who live in Austria, Denmark and other countries of the European Union.

Technical Evaluator

Knut Haufe

PERSICON consultancy GmbH
Friedrichstraße 100
10117 Berlin
Germany

Legal Evaluator

Hannelore Jorgowitz

PERSICON consultancy GmbH
Friedrichstraße 100
10117 Berlin
Germany

© 2008 - 2019 | EuroPriSe GmbH - European Privacy Seal | Handelsregister-Nr. (Commercial Register No.): Bonn HRB 20387

No responsibility for the accuracy of the information. Contact | Privacy Notice | Imprint

Product/Version

REISSWOLF f.i.t.

v1.5; service function as provided in 05/2018

Qualification: IT product and IT-based service (processor service)

View the REISSWOLF f.i.t. certificate

Version of Certification Criteria

11/2011

Cert. No.

EP-S-X5TSCN

Validity

24/05/2018 - 31/05/2020

Monitoring

01/2019

09/2019

Public Report

f.i.t. Short Public Report Image Image 

Manufacturer/Provider

REISSWOLF Systems GmbH

Im Heegen 13
22113 Oststeinbek
Germany

BEST

Access policies can be used to restrict system usage to specific times of the day and/or IP addresses to reduce the attack vector for third-party access. A user session is controlled by means of a cross-tab synchronised session countdown.

ATTENTION

Regarding the processing of personal data on third persons by means of f.i.t., it must be highlighted that the (usually) corporate users of the service qualify as controllers whereas REISSWOLF Systems GmbH acts as a processor on behalf of the users. Customers are advised that the legitimate use of the service may require the collection of the data subject's consent and/or declaration of release from confidentiality.

SUMMARY

REISSWOLF f. i. t. is a web-based archiving system for data storage and access. It serves the purpose of uploading, storing, managing and exchanging data in the sense of a document management system. f.i.t. is a web application that can be used with common internet browsers. 

DETAILS

REISSWOLF f. i. t. is primarily designed for commercial use. It is distributed by REISSWOLF Systems GmbH and operated as Software as a Service (SaaS) in a data center in Germany.

The ToE includes

  • The web-based service REISSWOLF f.i.t. (for details, please cf. the short public report)

It does not include

  • REISSWOLF f.i.t. mobile app
  • REISSWOLF f.i.t. hotfolder
  • Office module
  • Teamviewer
  • Other alternative interfaces to clients

Technical + Legal Evaluator

Ann-Karina Wrede
Innungsstraße 7
21244 Buchholz
Germany

Initial Certification: 05/2018

REISSWOLF f.i.t. provides a web-based service that enables companies to upload, store, manage and exchange data in the sense of a document management system. Users of the service are controllers in respect of personal data on third persons that is processed by means of f.i.t.. The service is designed in a way that facilitates the users' compliance with EU data protection law.

Image

Disclaimer:

This register is kept with the utmost care. However, EuroPriSe does NOT guarantee the accuracy of information found on the Site. Your reliance on information found on the Site is at your own risk.

Image

European Privacy Seal for REISSWOLF f.i.t.