AMDia and HITGuard - a success story
Living data protection management
About AMDia GmbH
AMDia GmbH, based in Saxony, is a German healthcare provider for occupational medicine, occupational safety and fire protection. It was founded in Neukirchen in the Ore Mountains in 2020. From the very beginning, it has been supporting companies from a wide range of industries in the region, the federal state and neighboring states with occupational health management.
AMDia supports employers and their employees in preventing accidents at work, maintaining physical and mental health in the workplace and preventing work-related accidents and illnesses. To this end, it offers companies of all sizes comprehensive advice and support in all matters relating to the health and safety of its clients' employees.
The services offered and various additional services provided by AMDia make it necessary to process large amounts of personal and therefore particularly sensitive health data. It is in the interests of all data subjects to collect, store and evaluate this data securely and to delete it in good time. It is therefore absolutely essential to operate a suitable system for recording and managing all processing activities.
The use case: living data protection management
The aim of Thomas Weisbach, Managing Director of AMDia, was to set up a data protection management system. In addition to documentation in the form of processing activities and Data protection impact assessment, this also includes the ongoing operation of the management system. This in turn means carrying out regular analyses and risk assessments and setting up a control system for Data protection.
The most important aspect for Mr. Weisbach here is to maintain and operate a living management system. HITGuard offers this because it reminds you of important tasks and presents the implementation and results of the management system ready for presentation.
Why HITGuard?
HITGuard impressed Mr. Weisbach with its quick and easy options for centralizing and managing the various aspects of data protection. The guided wizard was a decisive factor here
for the tool-supported recording of processing activities
and Data protection impact assessments.
In addition, it was very important to the occupational health and safety expert that the Data protection could be professionally documented and the results easily analyzed. HITGuard meets all these requirements for him with flying colors.
Working with the tool
The various company processes already identified that are related to the processing of personal data were recorded directly in HITGuard. Based on this database, Data protection impact assessments (DPIAs) were carried out for all processing activities that are primarily concerned with the processing of health data.
AMDia's data protection management has thus been successfully digitalized and a basis has been created on which the next steps can be taken.
In the next step, this means setting up a data protection risk management system. To this end, detailed analyses of the individual processing procedures are to be carried out, from which Mr. Weisbach can subsequently derive further potential for improvement. At the same time, a control system with regular tasks to be carried out by him or his employees is also being developed. HITGuard allows him to digitally map all tasks that require documentation and to be reminded of their implementation in good time.
Highlights
As Mr. Weisbach manages his complex data protection management without a dedicated team and therefore has to allocate his resources precisely, the recording of processing activities in the guided assistant is a great advantage for him. He also finds the easy way to update processing activities and create a new version very labor-saving. HITGuard guides him step by step through the necessary DSMS activities. He particularly likes the fact that all these steps can not only be carried out quickly, but that past statuses can be traced historically and evaluated in the long term.
All information created in AMDia's management system can be visualized immediately on the dashboard. This and the option of configuring the dashboard himself are a great help to Mr. Weisbach in monitoring and evaluating his results. He can create his own dashboards with exactly the information he needs to be informed about his data protection level at all times.
He can also have requests from data subjects created by HITGuard at the touch of a button thanks to the links between personal data processing processes and data subject categories. The data subjects therefore receive the requested information promptly.
Thanks to the overview of where which data is processed, you can quickly find the storage locations of the personal data of certain groups of data subjects. This makes it possible to find the data you are looking for at any time and delete or block it without overlooking a storage location.
Recommendation
Mr. Weisbach recommends the use of HITGuard to any company that wants to set up a data protection management system in a simple but professional way. HITGuard is the perfect resource-saving and efficient management tool, especially for small teams that bear a lot of responsibility and have to take care of the security of a large amount of personal data.
| Key data | |
|---|---|
| The company | AMDia GmbH |
| Industry | Occupational medicine and occupational safety |
| Head office | Neukirchen, Germany |
| Number of employees | 5 |
| HITGuard modules and add-ons in use |
Basic modules Risk management, Measures and controls, Data protection add-on |
| Management systems | 1 |
| active users | 1 |