Compliance

At Attendi, we fully realize that applying smart speech technology in healthcare requires security and privacy guarantees. Attendi focuses on providing a secure solution that patients, clients, healthcare professionals and healthcare institutions can use with trust and confidence.

We only work with data for which both the patient and the healthcare professional have given explicit, well-informed consent.

In full control of the data, together with our clients

With our speech technology, Attendi does not make use of third parties who become an undesired part of the data processing, which makes us unique. Attendi has the technology completely under its own management and can therefore always fulfill the wishes of the controller together with clients.

No unwanted sub-processors

For training our solution, we do not rely on any third parties. At all times we are able to make transparent who has access to which data and during which period. The employees of Attendi that are given access are subject to a confidentiality agreement and a signed code of conduct, have submitted a certificate of conduct and have extensive knowledge and understanding of the necessary security measures.

Only access to what is strictly necessary

Our technology and processes are designed in such a way that an employee of Attendi can only access data for a limited period agreed upon explicitly with the client. Based on a user data log, Attendi can always make transparent to clients whether the agreements made have been correctly acted upon.

End-to-end encryption

Everything that is recorded is sent fully encrypted. This means that Attendi has no access to the audio or the data derived from it. Only with explicit permission do designated and screened Attendi employees have access to the data for a certain period.

Aligned with processing agreements in the industry

With our solution and processes we comply with the BOZ (Brancheorganisaties Zorg) processing agreement.

We meet the highest compliance standards in healthcare

Attendi works in accordance with the information security policy as described in ISO 27001 and NEN 7510. Attendi’s partners should at least comply with similar policies.

General Data Protection Regulation (GDPR)

The processing of personal data by Attendi complies with the relevant laws and regulations as described in the General Data Protection Regulation (GDPR).

The data remains in the Netherlands

Attendi processes and, if necessary and agreed upon, stores data exclusively in data centers in the Netherlands. Therefore, Dutch rules and regulations regarding data protection apply.

For the GDPR compliance of this website, please review the Privacy Statement in the footer of this website.

Do you have any questions, comments, or suggestions regarding Attendi’s security policy? Please contact our Privacy Officer: berend@attendi.nl