Medux records data breaches and data processing uniformly with JuriBlox

The General Data Protection Regulation (GDPR) requires many organisations to maintain a data breach and processing register. Medux Group manages this process with the help of JuriBlox Privacy. Among other things, this solution ensures that processing agreements are drawn up uniformly and stored centrally. Data breaches are also recorded centrally. Medux thus makes a big step towards AVG compliancy.

The Medux group is a major player in the field of care and rehabilitation aids, services and complementary service concepts. HartingBank, a service provider of aids in care institutions, and Medipoint care and welfare products are the best-known names within the Medux group.

Switching to specialised solution

“JuriBlox is helping us with our compliance with the AVG,” says Chun Tan, Compliance Officer at Medux. “We used to work mainly with Excel files. However, when we hired our new Data Protection Officer (DPO) externally, he suggested a switch to a specialised solution. The choice fell on JuriBlox Privacy.”

JuriBlox Privacy is a solution that allows companies to easily comply with the administrative obligations of the AVG. The software not only makes data processing transparent, but can also provide automated, customised privacy advice.

Complete overview

The system offers Medux significant advantages. “Our previous DPO had previously requested processor agreements from all departments and created an overview of who entered into which agreement. However, these agreements were previously not stored centrally, which made creating a complete overview difficult. JuriBlox ensures that processor agreements end up in a central location. As a result, we have much better visibility of the agreements we make and the processor agreements we have entered into.”

Another advantage is the uniform way agreements are drafted. “JuriBlox Privacy works using templates that users fill in and based on which a processor agreement is created. These templates ensure uniform agreements. Everyone goes through the same steps when drafting and answers the same questions,” says Tan. Templates also ensure that drafting a processor agreement requires less legal knowledge and can in fact be done by any employee of the organisation.”

Behavioural change takes time

The solution has since been implemented by Medux and is now being rolled out, which is a gradual process. “The system requires a new way of working from our staff,” says Tan. “Employees do not always immediately see the benefits of the new way of working with JuriBlox. Achieving behavioural change and adapting workflows takes time. Therefore, not every employee is currently using JuriBlox yet, which is not surprising. In the coming time, we will work on increasing the embrace of the solution.”

“The way we record data processing and data breaches has been greatly improved thanks to JuriBlox. This is important, not only in view of the AVG. For example, we are currently working towards ISO certification, to which the insight that JuriBlox’s system gives us is an important contribution.” For example, Medux records for each data breach – which under the AVG includes data loss – what exactly happened. As a result, it is always immediately clear when which data breach occurred, what caused it, which users were affected and how Medux responded to the data breach.

Increase usage

Tan is satisfied with working with JuriBlox. “If we want to make changes, it is usually picked up immediately. The same goes for breakdowns we encounter unexpectedly,” Tan explains. “JuriBlox has much more functionality than we currently use. In the coming period, we will not only increase the number of solutions we use, but also work on implementing more features;

This is a staging environment