ORTEC and GDPR

ORTEC and GDPR

ORTEC is committed to high standards of information security, privacy and transparency. At ORTEC, we handle data carefully and do everything we can to secure it. Our customers expect that from us as well. ORTEC secures its customer’s as well as its own information in correspondence with applicable law and regulations. 

On May 25 the General Data Protection Regulation (GDPR) will come into effect. The GDPR aims to strengthen the security and protection of personal data in the EU and will replace the European Privacy Directive and national legislation. 

Monitored by an internal cross-functional team, ORTEC is extending existing security and business continuity management systems and certifications to ensure GDPR compliance. Robust security processes are in place which enable us to follow adequate procedures when handling and processing data. Registration processes secure traceability of actions taken and are being registered in a dedicated system. Impact analysis will be conducted on a regular basis to audit our performance in this field. 

On top of this, ORTEC has reviewed its standard software products and has made adjustments in in line with the latest data protection legislation. Our latest versions of ORTEC Routing & Dispatch and ORTEC Workforce Scheduling contain features for our customers to support GDPR compliance. 

Customers with a valid software maintenance & support contract are eligible for upgrades and new versions. Please contact your ORTEC account manager for more information on this.

Our Data Processing Agreement (DPA) outlines what personal data is processed, why we process it and how we handle personal data processing in general.

Should you have any questions how ORTEC handles GDPR, please contact us


FREQUENTLY ASKED QUESTIONS

Does ORTEC support customers to become GDPR compliant?
It is important to recognize that GDPR compliance is a shared responsibility and all customers are responsible for adapting their own business processes and data management practices to ensure that they are GDPR compliant. 

ORTEC supports customers that are using ORTEC solutions to become compliant. Our latest versions of ORTEC Routing & Dispatch and ORTEC Workforce Scheduling contain features that are necessary for customers to become GDPR compliant. We also facilitate an encryption tool within our products that enables anonymization of customer data. Customers with a valid software maintenance & support contract are eligible for upgrades and new versions. Please contact your ORTEC account manager for more information on this.

Does ORTEC handle my data in a compliant way?
For implementation and support purposes, sometimes data is being transferred from customers to ORTEC premises. We have developed an encryption tool to anonymize personal data. This enables customers to anonymize data before transferring it to ORTEC premises. ORTEC aligns Data Processing Agreements (DPA’s) with its EU customers, to ensure the right processes are in place for data handling and processing.

What is a Data Processing Agreement?
Our Data Processing Agreement (DPA) outlines what personal data is processed, why we process it and how we handle personal data processing in general. The DPA is signed by both ORTEC and the customer and both parties agree to process data as required by GDPR and to comply with the terms & conditions of the regulation.

Which ORTEC software solutions and versions are GDPR compliant?
Our latest versions of ORTEC Routing & Dispatch and ORTEC Workforce Scheduling contain features for our customers to support GDPR compliance. Please contact your ORTEC account manager for more details.

I use a tailor-made ORTEC software solution in my company. Will this tailor-made solution support GDPR compliancy?
If you use tailor-made ORTEC software in your company, please contact your ORTEC account manager to discuss GDPR compliance in more detail. Most of our tailor-made software solutions do not contain any personal data, but we recommend checking this in detail. 

What implications does GDPR have on the hosting solutions ORTEC offers?
Safety and security are a key element in selecting our hosting partners. Our hosting partners need to meet strict requirements. We only work with hosting partners that have committed to comply with GDPR regulations.

My company requires a written GDPR statement from ORTEC. Do you have one available?
Yes, we do have an ORTEC GDPR statement describing our commitment and efforts in the area of GDPR. Please contact your account manager for a copy of it.

Does ORTEC have a Data Compliance Officer?
ORTEC has established an Information Security Committee (ISC) to take a leading role in improving and maintaining the information security policies and practices within ORTEC. ORTECs Data Protection Officer (DPO) is part of the ISC and will inform, advise and monitor compliance.