Security FAQs

1. Who owns the data that I, the data controller, input into my software application?

You are the data controller in respect of the data that you input into your software application. You decide the method and purpose of processing personal data.

The software rights in the software and database rights and underling database schema are Clanwilliam’s intellectual property.

The use of your software system is subject to the terms outlined in the End User License Agreement (EULA) provided by the software.

2. Does Clanwilliam access my patient’s personal data without my knowledge?

No. Clanwilliam is a data processor, processing personal data on behalf of you, the data controller. Clanwilliam only processes personal data in accordance with the terms of the data processing agreement (DPA).

3. Does Clanwilliam sell my patient data?

No.

We do not sell, share or otherwise distribute personal data.

4. Can I access my data?

Yes. Your software system provides you with access to your data. Our software facilitates reporting of your data within the software. In accordance with the GDPR and our Data Processing Agreement (DPA), at the end of our agreement to use the software, you are entitled to request the return of or destruction of your data.

5. What steps does Clanwilliam take to protect privacy?

Our highest priority is the security and integrity of our software. Clanwilliam implements rigorous contractual, technical, and organisational measures to protect its confidentiality, integrity, and availability of data. Clanwilliam adheres to a strict Information Security Framework in accordance with ISO27001 standards.

6. Does Clanwilliam conduct security assessments and penetration tests to safeguard its software against new cyber threats?

Yes, Clanwilliam conducts annual third-party independent web application and penetration testing. Vulnerability assessments are conducted at least quarterly on all Clanwilliam’s hosted systems.

For on-premise applications, we are continually improving our software security posture, working closely with our partners and Microsoft to provide regular version and security updates to our clinical system users.

7. How do third party applications interact with Clanwilliam?

Interoperability is a key feature of our product offerings. Our software solutions connect seamlessly and securely with a myriad of other healthcare software systems and platforms such as the HSE, ICGP, Billink, Keep it Safe, in order to deliver useful functionality to clinicians.

Clanwilliam welcomes and actively facilitates the creation of a more integrated and interoperable e-health ecosystem.  At the same time, we are extremely conscious of the need to ensure full compliance with data protection law.

All partner integrations are facilitated through our Clanwiliam Connect Partnership Programme, facilitating secure interoperability with our systems.

8. Who should I contact if I have any questions regarding your data or data protection?

Please refer to your Software Terms and Conditions.

Alternatively, you can contact:

Customer services: customersupport@clanwilliamhealth

Sales: sales@clanwilliamhealth

Legal: legal@clanwilliamgroup.com