GDPR - Pryv (https://pryv.github.io/www/tag/gdpr/), eHealth Data Middleware. Feed last built Mon, 14 Dec 2020 13:29:05 +0000.

GDPR, Swiss DPA & ePrivacy – what Swiss companies should know
Published Sun, 29 Nov 2020 00:28:40 +0000 at https://pryv.github.io/www/2020/11/29/gdpr-swiss-dpa-e-privacy/

The post GDPR, Swiss DPA & ePrivacy – what Swiss companies should know appeared first on Pryv.

SwissDPA, GDPR, ePrivacy and more…

As data-privacy experts at Pryv, we continuously invest our best efforts in investigating how data protection regulations might affect your company and what you should keep in mind when dealing with sensitive personal data.

While the GDPR has already started to collect its fines from non-compliant companies, the European Union keeps tightening its digital market standards, and third countries like Switzerland might be left with no choice but to adapt if they want to keep exchanging data with Europe. So where do you stand in the middle of all these regulations?

In this article, we will try to provide you with a comprehensive overview of the current Swiss-EU privacy landscape, and help you prepare for what’s coming next.

GDPR

If you have a Swiss company and you’re dealing with sensitive personal data, chances are that GDPR-compliance has been your concern for some months now.

Effective since 25 May 2018, the GDPR raised the bar to a whole new level for data protection and privacy regulations, leaving many companies collecting and/or processing EU citizens’ personal data with the only choice of either complying, or paying fines up to €20M or 4% of annual income. And this was just the beginning.

At its core, the GDPR is a response to a need for action. But the GDPR was not only designed to ensure an adequate level of data protection for EU citizens. It was also designed to set a new standard, and to help implement the current European strategy for an EU Single Digital Market.

So how exactly might this affect your company? Well:

  • Privacy rights of European citizens are not limited by European borders (ref: https://gdpr-info.eu/art-3-gdpr/): so whether your company is based in Europe or not, if you want to expand your offer of services to EU citizens (or even monitor their behaviour within the EU), you will have to comply with the GDPR first.
  • Personal data transfers outside the EU are subject to numerous provisions under the GDPR (ref: https://gdpr-info.eu/art-44-gdpr/): so at some point, if you want to exchange data with Europe, you may have to demonstrate that your company provides an adequate level of data protection for this data.
  • The Swiss Data Protection Act (“Swiss DPA”) has been revised and will force Swiss companies to better align with the European standard: so even if you’re a Swiss-only business, you will still have to comply with a number of GDPR-like requirements.

Also, if you’re in the healthcare business: the GDPR provides an extra level of protection regarding the processing of specific personal data like genetic data, biometric data and any data concerning health (ref: https://gdpr-info.eu/art-9-gdpr/), adding yet another level of requirements to meet.

Did you take all that into consideration?

Swiss DPA

The GDPR does not only affect Swiss companies, but also Switzerland itself.

As a new Swiss DPA (“revDPA”) was adopted by the Swiss parliament in September 2020, a number of GDPR-like requirements will soon make their appearance in Swiss legislation, since the GDPR was largely taken into account during the revision.

For example, the revDPA introduces a right to portability, a duty to inform of any personal data collection, and an obligation to keep an inventory of processing activities, similarly to what is currently provided by the GDPR.

So what does this mean for you? Well, even if you’re not dealing with Europe and are not planning to, if your company falls under Swiss DPA, you will have to comply with all of its new GDPR-like requirements when the revDPA comes into force.

To know more about the key amendments and their impact on Switzerland, we encourage you to read the text of the revDPA project and the sources provided at the end of this article, especially the one by François Charlet, which highlights the changes and the measures to be taken.

Another thing that you might want to keep in mind is that all of these new obligations will largely apply as soon as the new law comes into force. And as outlined in an article written by Walder Wyss Associates, sharing recommendations for revDPA implementation, “the implementation of the revDPA requires early planning”.

Therefore, even if the revDPA is expected to come into force in 2022, we strongly advise Swiss companies to not wait until then to start preparing for it.

ePrivacy

As said before, the GDPR was just the beginning.

In pursuit of its strategy for a single digital market, and to reinforce the level of privacy protection of its citizens, the EU is now discussing the endorsement of a new regulation intended to replace the current ePrivacy Directive and to specify/complement the GDPR: the ePrivacy Regulation (ePR).

To keep it simple, the ePR has a similar focus to the GDPR but specifically targets electronic communications. From that perspective, it is most likely that Swiss companies will be impacted, too. A revised draft of the ePR was released in November 2020.

So what should you know? Well, since the ePR is intended to specify/complement the GDPR:

  • If the GDPR applies to you, so could the ePR if your offer of services extends to electronic communications.
  • In case of conflict between the two regulations, ePR will take precedence over the GDPR (which means it will be applied first).

Also, ePR fines for non-compliance are expected to be as high as under the GDPR: so in case of infringement, you could have to pay a fine of up to €20M or 4% of your company’s annual income (whichever is higher). Wouldn’t it be better to invest in a compliance strategy instead?

While the ePR is intended to particularise and complement the GDPR, it is also foreseen that it “will have a disruptive effect on companies’ digital strategies, which will need to be redefined to meet the new requirements.” However, it doesn’t necessarily have to.

As we like to say at Pryv, in cases like this you just have to establish a solid and scalable foundation before building the house. That way, you can be sure that your system components will eventually scale to comply with any new forthcoming requirements.

And if you’re in the healthcare business…

ePR is not the only new EU regulation that is to be expected within the next few years. As Europe keeps raising the standards of its regulations, a new regulation for medical devices is also making its way towards the EU market: the Medical Device Regulation (MDR).

In particular, if you’re developing an mHealth app: the MDR could become a major concern for you, as your software could now be registered as a “medical device” under this new legislation, adding yet another level of requirements to comply with.

Although this may feel like an avalanche of complex challenges for your company, it doesn’t have to be.

Get your MDR compliance done right: explained in a less-than-5-minute read

Since 2015, we have been discussing with hundreds of healthcare innovators and listening to their needs, so that we could help businesses like yours build solutions that respect not only data privacy and protection regulations, but also existing and forthcoming regulations for managing personal health data.

The end… or the and?

By design, when we decided to bring Pryv.io to market as a ready-to-use solution for personal and health data, we invested in making sure that your products can easily benefit from integrated compliance across different industries and market-specific regulations.

Book a demo to know more about how Pryv.io can help you comply with Swiss DPA, GDPR, ePrivacy and boost your time to market, turning your compliance investment into a competitive advantage.

Yours,

Stephanie & Evelina

Sources:

[to know more about the new Swiss DPA]

Euris and Pryv simplify personal data management: A ready-to-use solution to meet GDPR and Health Data Hosting requirements.
Published Wed, 01 Jul 2020 19:28:28 +0000 at https://pryv.github.io/www/2020/07/01/euris-and-pryv-simplify-personal-data-management-a-ready-to-use-solution-to-meet-gdpr-and-health-data-hosting-requirements/

The post Euris and Pryv simplify personal data management: A ready-to-use solution to meet GDPR and Health Data Hosting requirements. appeared first on Pryv.

Lausanne, Switzerland – Paris, France, July 2nd, 2020 – The leading Swiss provider of privacy and personal data management software, Pryv SA, and the leading connected health operator in France, Euris Health Cloud®, announced a strategic partnership to deliver a ready-to-use solution for rightfully managing and securely storing personal health data.

A ready-to-use data management solution to achieve GDPR compliance and meet health data hosting requirements. 
Companies willing to collect and use personal health data can now benefit from a complete, ready-to-use, and scalable solution, offered by Euris Health Cloud® (health data hosting) and Pryv (personal data and privacy compliance middleware). In Europe, the solution combines a certified HDS (*) hosting offer for security and a personal healthcare data management service for privacy, allowing e-health actors to rigorously manage personal health data and quickly create applications that respect the rights of the patient at an attractive cost.

“Contrary to what companies may believe, the HDS Certification of their hosting provider in no way implies their compliance with the GDPR. All it tells them is that their host offers sufficient data protection guarantees,” says Pierre-Mikael Legris, CEO at Pryv. “The complementarity of HDS hosting and GDPR compliance solutions is perfectly illustrated by our partnership with Euris.”


“Combining our expertise with Pryv knowledge and Pryv.io capabilities, we provide a unique and proven off-the-shelf solution that allows companies to achieve an optimal data management and protection solution globally through a new bundle offer for startups and innovative e-health projects,” says Pedro Lucas, CEO at Euris Health Cloud®.

With the offerings Cloud Santé® PRIVACY and Cloud Santé® PRIVACY STARTUP by Euris and Pryv, companies operating in Europe can now meet both French HDS and EU GDPR requirements with no expertise required on their part, allowing them to focus on their core business and increase user engagement through trust and transparency.

About Euris Health Cloud®: www.euris.com

Euris Health Cloud® is a connected healthcare operator, specialized in the hosting of healthcare data. Euris Health Cloud® provides a global hosting infrastructure for personal health data, in compliance with local regulations: EU (HDS 2018 & ISO 27001:2013), US (HIPAA), China (CSL).

Thanks to a unique marketplace model, Euris Health Cloud® also offers a complete range of interoperable services and solutions, facilitating the deployment of e-health projects: strong authentication, drive, archiving, backup, anonymization, Big Data, Business Intelligence, IoT, telemedicine, CRM, PRM and Healthcare Data Warehouse.

About Pryv: pryv.github.io/www

Pryv.io is an extensible personal data lifecycle management platform specifically engineered to empower developers to rapidly create and scale breakthrough GDPR and HIPAA compliant products, services, and experiences. The software has been developed to accommodate rapid integration. It comes with turnkey IoT connectivity, a secure storage vault, fine-grained consent management, and comprehensive auditing capability that radically cut IT development costs and accelerate time-to-benefit while addressing the most stringent data protection requirements.

(*) Certified HDS: « Hébergement de Données de Santé » (French Health Data Hosting certification based on ISO 27001 standard and GDPR regulation)

Pryv SA releases an Open-Source Solution for Personal Data & Privacy Management
Published Mon, 08 Jun 2020 06:38:44 +0000 at https://pryv.github.io/www/2020/06/08/pryv-sa-releases-an-open-source-solution-for-personal-data-privacy-management/

The post Pryv SA releases an Open-Source Solution for Personal Data & Privacy Management appeared first on Pryv.

The release of Open Pryv.io delivers a free, production-ready, easy-to-install open-source solution for the collection and management of sensitive personal and health data.

Lausanne, Switzerland, June 9th, 2020 — Today, Pryv SA, the leading Swiss provider of personal data and privacy management software, announced the open-source release of Open Pryv.io: a free and scalable personal data lifecycle management platform specifically engineered to empower developers to rapidly create and scale breakthrough, GDPR- and privacy-compliant products, services, and experiences.

As developer productivity has become a competitive necessity, the ready-to-use Open Pryv.io marks a turning point in simplifying the development of personal data and digital health applications.

Data pooling, data aggregation, consent management, and data interoperability are among Open Pryv.io’s capabilities that raise the bar for delivering a reliable solution for collecting and managing heterogeneous sets of real-world personal data with full respect for privacy.

“Releasing our core software in open-source today is a natural move for us. From day one, Pryv.io was built to be open-sourced,” says Pierre-Mikael Legris, CEO and co-founder of Pryv SA. “In fact, our source code has always been open for our clients. By releasing Open Pryv.io, we provide any company with a tool allowing them to address the enhanced citizen’s right, which sends a strong message of transparency and inclusivity.”

Fostering faster innovation and less duplication of effort are also among the main drivers of Open Pryv.io’s release. Nowadays developers value using open source instead of redeveloping available code. Integrating Pryv.io open components will free developers up to work on what is unique in their products and add privacy-by-design to their value proposition.

“Open sourcing our code is doing the right thing – for the community, for our clients, and for Pryv. We should have done it much earlier,” adds Simon Goumaz, Co-Founder and Board Member at Pryv SA.

The Open Pryv.io release takes place at a time when the pandemic disruption has cast a harsh light on the notion of personal data collection and respect for privacy. As governments have been lifting data protection restrictions in an attempt to ease access to personal data to protect public health, the release of Open Pryv.io shows that there is a way to encourage personal data collection being done right. Open Pryv.io is a call to build a world where privacy is the norm – not the exception, as it is today.

“Privacy doesn’t have to be only secrecy. We envision a world where privacy is the ability to share your data with awareness and control. For years now, we have proven that respecting one’s privacy and having access to their data are not contradictory. The more transparent you are, the stronger the relationships you will build with your users,” says Evelina Georgieva, Co-Founder and CBDO at Pryv SA. “No more excuses: Open Pryv.io offers developers a strong foundation to ensure that the personal data they collect are rightfully managed from day 1.”

Alongside this new release, which offers essential features of the Pryv.io software following an open-core model, Pryv continues executing its growth strategy by licensing the enterprise-class version to projects that require high scalability, compliance documentation and dedicated support.

About Pryv

Founded in 2012, Pryv makes personal health data processing as secure and trustworthy as online banking. We help organizations manage personal data from creation through use and sharing.

Our Swiss-made Personal Data & Privacy Management Software, Pryv.io, is a solid foundation on which you build your own personal data and digital health solutions. The software has been developed to accommodate rapid integration. It comes with turnkey IoT connectivity, a secure storage vault, fine-grained consent management and comprehensive auditing capability that radically cut IT development costs and accelerate time-to-benefit while addressing the most stringent data protection requirements.

Master the GDPR Compliance Checklist with Pryv.io
Published Fri, 11 Dec 2020 03:59:05 +0000 at https://pryv.github.io/www/2020/12/11/gdpr-checklist-pryv/

The post Master the GDPR Compliance Checklist with Pryv.io appeared first on Pryv.

Master the GDPR Compliance Checklist with Pryv.io

It’s not news: for two years already, if you’re a company operating with EU citizens’ personal data, you have had to comply with the GDPR (General Data Protection Regulation). Effective since 25 May 2018, the regulation sets out a number of legal obligations to be met in terms of privacy requirements, and hefty fines to be paid by those who don’t play by its rules. Yet even though the regulation is no longer new, a lot of questions still arise when it comes to GDPR compliance: how to achieve it? Where to start? How to turn its requirements into a competitive advantage?

While lots of companies see the GDPR as a boring legal conundrum to solve, it is actually one of the best frameworks you can use to flourish and scale up your business. That is, of course, assuming you do it smartly: we bet you would rather use your resources to enhance your application than have them stuck working out how to honour users’ rights over their data (how to record their consent, where to store their data, how to get a copy of the data ready, what process deletes it). By the end of this article, you’ll be ready to master your GDPR compliance and know how Pryv.io’s capabilities can help you thrive in the blooming personal data economy.

GDPR 101: a checklist to achieve compliance

To make it easier for companies to navigate the storm of GDPR data protection and privacy requirements, the gdpr.eu website provides easy-to-understand compliance guidance through a variety of digital content aimed at explaining and/or highlighting the specifics of the regulation. In particular, it provides a free, online GDPR Compliance Checklist that businesses can use as a framework to achieve their own compliance. This is exactly where you want to start when asking: “Am I ready for the GDPR?”

Divided into four parts, the checklist sets out a list of 19 things to be checked or done (preferably before going to market!) in order to reduce the risk of regulatory penalties.

The checkups are grouped by privacy-related “themes”:

  1. Lawful basis and transparency
  2. Data Security
  3. Accountability and governance
  4. Privacy rights

In the following, we will show for each of these checkups how you can leverage our technology to achieve GDPR compliance while increasing your business efficiency.

GDPR Compliance Checklist at a glance, with Pryv

Pryv.io is an extensible personal data life-cycle management platform specifically engineered to empower businesses to rapidly create and scale breakthrough, GDPR compliant applications.

A lot of organizations are skeptical about involving a third-party for their privacy – we get it.

So let’s be clear: we don’t access or host any data. All we do is provide our clients with a ready-to-use, scalable piece of software that can be used to rightfully collect, store, share and use personal data. Moreover, you can even choose where you want the data to be stored for each user separately, so it is both safe and compliant with all relevant data residency laws. Pryv.io is then deployed on the servers and/or infrastructure of your choice.

GDPR Compliance Checklist | How Pryv helps you solve it

Lawful basis and transparency
  1. Conduct an information audit to determine what information you process and who has access to it.
  2. Have a legal justification for your data processing activities.
  3. Provide clear information about your data processing and legal justification in your privacy policy.
These checkups will help you ensure lawful, transparent collection and processing of personal data. For our part, we provide you with a comprehensive and easy-to-scale software solution that you can use to easily keep track of what information you process as your business grows. If your legal justification is consent, the Pryv.io eConsent mechanism will allow you to keep track of every consent and the related data accesses per user.

As a plus, the Pryv.io data model is designed to enhance data aggregation, thus allowing for increased business efficiency on your side. On demand, we also help our clients with their data strategy & privacy policies. 

Data Security
  1. Take data protection into account at all times, from the moment you begin developing a product to each time you process data.
  2. Encrypt, pseudonymize, or anonymize personal data wherever possible.
  3. Create an internal security policy for your team members, and build awareness about data protection.
  4. Know when to conduct a data protection assessment, and have a process in place to carry it out.
  5. Have a process in place to notify the authorities and your data subjects in the event of a data breach.
This part is about ensuring that the personal data you collect will be safe, secure and well protected. As said before, we do not access or host any data. Using Pryv.io will thus not jeopardize your internal security; if anything, it can help you achieve it. Our software is privacy-by-design and provides encryption for data in motion (during transmission). For data at rest, Pryv.io supports client-side mechanisms so you can add as many security layers as you need.

Pryv.io’s data segmentation and aliasing feature (release Q1 2021) also lets you selectively share pseudonymised or anonymised data, provided none of it allows identification.

In addition, Pryv.io’s audit module provides information to security systems that can be used to detect a data breach, and further help you identify which data has been leaked. As our client, you will also benefit from our partnerships with data security and hosting providers, such as Build38 and Euris Health Cloud®. 

Accountability and governance
  1. Designate someone responsible for ensuring GDPR compliance across your organization.
  2. Sign a data processing agreement between your organization and any third parties that process personal data on your behalf.
  3. If your organization is outside the EU, appoint a representative within one of the EU member states.
  4. Appoint a Data Protection Officer (if necessary).
Someone has to ensure that the personal data you collect is properly handled throughout your organization and beyond.

Pryv.io can help you ensure that this person understands what is happening in terms of data within your organization. Like banks that provide detailed reports of all transactions over time, classified by bank account, the Pryv.io data model provides all data as “time series”, contextualised and classified in streams. It is designed to provide the same readability and transparency as your bank statement, so anyone can make decisions and check their execution with a minimum of effort.

In this context, Pryv.io can be used as a data controlling tool to be operated by your DPO.

Privacy rights
  1. It’s easy for your customers to request and receive all the information you have about them.
  2. It’s easy for your customers to correct or update inaccurate or incomplete information.
  3. It’s easy for your customers to request to have their personal data deleted.
  4. It’s easy for your customers to ask you to stop processing their data.
  5. It’s easy for your customers to receive a copy of their personal data in a format that can be easily transferred to another company.
  6. It’s easy for your customers to object to you processing their data.
  7. If you make decisions about people based on automated processes, you have a procedure to protect their rights.
Last but not least, this part is about ensuring that you provide your users with the means to enact their rights.

While it is your job to ensure that your customers can enact their rights, on our side, we provide you with the functionalities to execute them.

Built with a user-centric approach, Pryv is designed to ensure these functionalities while maximizing software performance and business efficiency.

In particular:

-> Pryv.io allows you to provide your users with the option to backup their data on their computer or transfer it to another company (data portability, as requested by checkup #17).

(For example, we developed a “blue button” app, which allows the data to be exported as JSON files and packed inside a password-protected zip file in one click.)

-> Our API methods allow our customers to easily correct/update/delete data inside a user’s account.

-> Pryv.io offers a specific mode that isolates per-user data in backups so that it can be deleted.

Our software is privacy-by-default (default opt-out). This ensures that your users have an explicit choice as to whether to accept or object to the processing of their data. All processes have a 1-to-1 relationship with the users of the app, allowing them to update or revoke their consent at any time. This is dynamic consent.

As a plus: you can further de-risk your compliance with the embedded Pryv.io data-audit feature, so that beyond allowing your users to benefit from their lawful rights, you can also prove that those rights were respected and properly executed.

Focus on your core business knowledge and let Pryv.io optimize your organization’s resources for a responsible, efficient, and lawful collection, use, sharing and disposal of information.

In addition, you will be able to benefit from Pryv.io’s latest features: webhooks for real-time data notifications, and many others that will help you boost your business’ success!

Still skeptical? Take a look for yourself: because we believe transparency is key when it comes to privacy, our software has also been available as open source since this summer.

For all other questions or to book a demo, contact us directly at: https://pryv.github.io/www/contact/

Yours,

Pryv Team

Why HDS Certification does not guarantee your GDPR compliance
Published Sun, 13 Oct 2019 19:54:32 +0000 at https://pryv.github.io/www/2019/10/13/pourquoi-la-certification-hds-ne-garantit-pas-votre-conformite-au-rgpd/

The post Why HDS Certification does not guarantee your GDPR compliance appeared first on Pryv.
Contrary to what companies may believe, the HDS Certification of their hosting provider in no way implies their own compliance with the GDPR. All it tells them is that their hosting provider offers sufficient guarantees in terms of data protection.

The confusion stems from the fact that, nonetheless, using an HDS-certified subcontractor will often help the data controller comply with the GDPR. So what is the situation?

HDS Certification in the context of the GDPR

Under the GDPR, a company that collects and processes personal data must meet several requirements. In particular:

  • Define the purposes of the data it collects
  • Obtain users’ consent
  • Guarantee users’ rights (right to be forgotten, right to portability, etc.)
  • Guarantee data security
  • Put a procedure in place in case of data breaches
  • Keep a record of data processing activities (data traceability)

However, nothing prevents this company from calling on external companies for help. For example, a company may decide to outsource the data it collects to a subcontracted hosting provider, so that it does not have to implement a hosting solution itself, nor ensure its security.

But in that case: how can you be sure that a hosting provider offers sufficient guarantees in terms of data protection? How can you be sure that the services it offers are secure? And how can you guarantee that your users’ rights will be exercised?

In France, this problem is solved by HDS Certification.

Under art. L1111-8 CSP, any company that hosts personal health data on behalf of a third party is subject to mandatory HDS Certification.

To obtain this certification, the hosting provider must demonstrate that it meets several requirements. In particular:

  • the requirements of the ISO 27001 standard (information systems security)
  • part of the requirements of the ISO 20000-1 standard (service management)
  • requirements complementary to the above standards
  • requirements relating to the protection of personal health data
    (it is advisable to refer to the requirements of the ISO 27018 standard)
  • complementary requirements for the protection of such data
  • requirements specific to the healthcare sector

Thus, any company that uses the services of a certified hosting provider is guaranteed that the provider offers sufficiently secure products and/or services (under the corresponding ISO standards) and respects the confidentiality of the hosted data.

Why do companies that outsource their data to an HDS-certified hosting provider still have to comply with the GDPR?

#1 The hosting provider is HDS-certified only for the services it offers.

HDS Certification is broken down into six different activity levels across two distinct hosting professions. There are therefore:

A “physical infrastructure hosting provider” certificate for:

    • Provision of physical sites to host the hardware infrastructure of the health information system (1)
    • Provision of the hardware infrastructure of the health information system (2)

A “managed-services hosting provider” certificate for:

    • Provision of the software platform (OS, middleware, database) of the health information system (3)
    • Provision of the virtual infrastructure of the health information system (4)
    • Administration and operation of the information system (5)
    • Outsourced backup of health data (6)

A hosting provider is certified only for the services it offers; it is therefore answerable only for the requirements tied to its activities. Companies must therefore check what their hosting providers are certified for, and be clear about which services are provided to them.

#2 It is the hosting provider that is HDS-certified, not the company using its services.

Even if a company uses an HDS-certified hosting provider for the data it collects, that says nothing about its own compliance with the GDPR.

One of the most common scenarios is “Shadow IT”. A company may use a hosting provider’s secure system for its data, but if its employees keep a copy on unsecured systems, that data will not be protected.

The company must therefore always check that it meets all GDPR requirements itself, even if its hosting provider meets some of them on its side. Moreover, keep in mind that outsourcing data relies on a shared-responsibility model.

#3 HDS Certification does not cover all GDPR requirements.

Finally, be aware that the requirements of HDS Certification do not cover all GDPR requirements. Consequently, even if a company decided to meet all the certification requirements itself, it still would not be GDPR-compliant.

Thus, even when using an HDS-certified hosting provider for all 6 activity levels, a company will still have to ensure that it fully complies with the GDPR itself.

An HDS-certified hosting provider simply offers reliable solutions on which companies can rely to achieve their own compliance.

Pourquoi la Certification HDS peut néanmoins aider les entreprises à se conformer au RGPD en interne ?

La Certification HDS peut servir de guide pour les entreprises

Le RGPD ne donne que les lignes directrices à suivre pour les entreprises. Par exemple, l’art. 32 RGPD impose aux entreprises d’assurer la sécurité des données, mais ne dit rien sur la façon dont cette sécurité doit être implémentée.

S’appuyer sur les exigences de la Certification HDS peut donc les aider à se conformer au RGPD. Néanmoins, les entreprises restent tenues de se conformer à toutes les exigences qui ne sont pas couvertes par la Certification HDS.

Stephanie @ Pryv

June, 2020

HealthyHealth Selects Pryv to Strengthen GDPR Compliance and Unleash Collection of Lifestyle Data
https://pryv.github.io/www/2018/08/16/healthyhealth-pryv-gdpr-insurtech-compliance/
Thu, 16 Aug 2018 07:21:41 +0000

Lausanne, August 16, 2018 — HealthyHealth, the leading UK-based InsurTech solution provider, has chosen Pryv to strengthen its breakthrough preventive healthcare system with rigorous GDPR compliance and seamless wearables/devices connectivity. The integration of Pryv.io is designed to meet the increasing demands from customers and regulatory bodies for more transparent and trustworthy management of sensitive personal information.

HealthyHealth encourages healthy behavior through algorithms and research data predicting people’s risk for medical conditions based on their lifestyle data. By using their services, people can take better care of their health, employers can nurture a healthier workforce while insurers can better engage their customers, personalise their services (offer lower premiums) and reduce liabilities.

“Pryv gives us the required privacy rigour to build and maintain the trust critical for our continued success” says Etienne Bourdon, COO at HealthyHealth. “With an estimated 600’000 data points collected annually per person, we embedded a middleware technology that not only strengthens GDPR compliance but also scales our collection, use, and storage of lifestyle information.”

Connected health and P4 medicine (Predictive, Preventive, Personalised, Participatory) is a reality nowadays. Sensor technology, wearable devices and mobile apps are helping individuals monitor their health and alerting them to any early signs of illness. With lifestyle data, innovative players are developing value propositions that help insurers and businesses alike understand behavioural trends and score risk in a more granular way. Responsible P4 players are integrating privacy into their propositions to reinforce regulatory compliance, boost customer confidence and thereby increase engagement. Pryv.io streamlines compliance efforts and scales the process of collecting lifestyle data so that businesses can more efficiently perform risk calculations, offer personalised plans and optimise customer service.

“HealthyHealth is at the forefront of InsurTech innovation” says Pierre-Mikael Legris, CEO at Pryv. “Our partnership exemplifies a strong technology collaboration that unlocks the value of lifestyle data with behavioural analytics and an unwavering commitment to data privacy, protection and GDPR compliance.”

Pryv helps organisations manage personal data from creation, to use, to sharing and enhanced GDPR rights such as transparency, portability and right-to-be-forgotten. The API is capable of ingesting high-throughput IoT data at scale and with optimal storage density. Packaged for rapid integration, the software solution comes with a secure storage vault, encryption protocols, fine-grained consent management and comprehensive auditing capability that radically cut IT development costs and accelerate time-to-benefit while addressing most stringent data protection requirements.

HealthyHealth.uk Ltd is a company specialised in assessing precise individual health risks, with the ability to predict percentage risks for more than 800 medical conditions, hospitalisation and mortality. Using this data, a second product focuses on preventing the detected health risks by transforming the digital data collected into prevention opportunities, with a daily personalised plan including nutrition recommendations and physical and mental exercises. HealthyHealth is working with several (re-)insurers, employers and hospitals internationally with two products: a B2B risk API for medical risk evaluation, and a B2B2C mobile app for end-users to prevent detected risks. For more information, please send them an email or visit the HealthyHealth website.

Pryv and Interpolation join forces to deliver a unique Privacy-as-a-Service offering to Asian Markets
https://pryv.github.io/www/2018/07/02/pryv-and-interpolation-join-forces-to-deliver-a-unique-privacy-as-a-service-offering-to-asian-markets/
Mon, 02 Jul 2018 14:59:44 +0000

Lausanne, Switzerland, June 15, 2018 — Pryv, the leading provider of privacy and personal data management software, today announced a milestone partnership with Interpolation, one of the leading IoT platforms in Asia (www.nocxx.com), enabling end-to-end management of Industrial IoT solutions.

This new partnership is set to benefit customers in Japan, Thailand and the Philippines with an IoT platform-as-a-service offering meeting the highest levels of data safety, privacy and user empowerment. Both companies share the vision that privacy is not an obstacle to business innovation but a competitive advantage when implemented correctly. This partnership will broaden the availability of Pryv.io to customers in Asia Pacific and enhance the way they cope with sensitive data collection and utilization.

In a second phase, both companies intend to extend collaboration to Europe.

“Our partnership with Pryv aligns with our strategy to deliver best-of-breed IoT solutions that increase customer efficiency, productivity and quality of service” said Michiaki Satate, CEO at Interpolation. “Along with our extensive experience in IoT and end-to-end solutions, we capitalize on Pryv’s expertise in data protection to design solutions that make the most of IoT connectivity while addressing markets’ strict regulation compliance, interoperability needs, and privacy concerns.”

Businesses on the leading edge of data collection and usage are realizing that they will not be able to continue their existing business model without protecting consumers’ privacy. As data privacy increases in importance in Asia, Interpolation saw an opportunity to partner with one of the most rigorous privacy and data protection solution providers to deploy a platform where connectivity, secure personal data storage, consent management and compliance software are combined to offer businesses a comprehensive managed privacy service that improves transparency and user control regarding data privacy.

“We are pleased to welcome Interpolation to our partner network,” said Pierre-Mikael Legris, CEO at Pryv. “The partnership capitalizes on the unique strengths of each entity; Pryv brings the power of its rigorous privacy software capability to one of the most established and well respected IoT technology solutions providers in Asia Pacific; Interpolation complements this by bringing the benefits of its expert services and long-term relationships with customers in Asia to Pryv.”

In its initial phase, the partnership will address the privacy and IoT connectivity imperatives in Industrial and healthcare sectors where service providers are looking at keeping up with evolving regulations and protecting data privacy.

=====

Pryv is an independent software vendor, originating from the Swiss Federal institute of technology in Lausanne (EPFL), an environment well known for its ability to create thriving innovations and deliver on the Swiss values of quality, precision and reliability. The company helps organizations manage personal data from creation, to use, to sharing and enhanced rights such as transparency, portability and right-to-be-forgotten. Packaged for rapid integration, the software solution comes with turnkey IoT connectivity, secure storage vault, encryption protocols, fine-grained consent management and comprehensive auditing capability that radically cut IT development costs and accelerate time-to-benefit while addressing most stringent data protection requirements.

Contact: https://github.com/pryv

Interpolation’s corporate mission is to develop IIoT Solutions (Industrial Internet of Things Solutions) dedicated to infrastructures across the Globe with advanced IoT technologies. Interpolation’s Platform-as-a-Service enables Users to Manage Network/Sensor on various communication protocols, Visualize and Manage Storage in a single interface.

Visit the NOCXX website or the Interpolation website.

Contact Europe: jlerrant@inter-polation.com

Pryv partners with Net4all to launch a managed hosting solution for privacy and personal data management
https://pryv.github.io/www/2018/06/25/pryv-partners-with-net4all-to-launch-a-managed-hosting-solution-for-privacy-and-personal-data-management-gdpr/
Mon, 25 Jun 2018 09:57:27 +0000

Secure hosted solution enables innovation and accelerates time to GDPR compliance for Swiss startups and SMEs

Lausanne, June 26th, 2018 — Pryv, the leading provider of privacy and personal data management software, today announced a partnership with Net4all which will give Swiss startups and SMEs access to a secure, compliant and fully managed cloud hosting solution for Pryv.io. This partnership will ensure that sensitive personal data is duly managed through its lifecycle and kept completely secure under the stringent standards of the Swiss LPD and GDPR legislation. Net4All, one of the top hosting providers in Switzerland, is specialized in web hosting, managed services and cyber security for information systems and digital platforms. The company is ISO 27001 compliant.

“With Pryv.io on a managed cloud, customers get up and running quickly, with enterprise class operational support and proactive monitoring” says Anthony Gerard, CEO at Net4all.

“This way, in-house SME teams can focus on innovation and getting out to market quickly while Pryv and Net4all deliver core privacy functionalities as a service.”

Managing privacy can be a costly capital expense that requires skilled resources to operate and maintain business applications in a secure and reliable manner. By hosting Pryv.io within Net4all’s world-class data centers and leveraging their expert management services, startups and SMEs get the best of both worlds: rigorous privacy-preserving capability at reduced operational costs, with greater performance and reliability.

“Today, we are seeing more than three-quarters of startup customers ask about managed cloud hosting” says Pierre-Mikael Legris, CEO at Pryv. “As that deployment model becomes the norm, we are now ready to enable our customers to move to the cloud with confidence, fast, and leveraging the highest standards of reliability, security, and scalability.”

Through this trusted partnership, hosted customers receive the following benefits:

  • A secure hosted environment that best suits their needs, with 24/7/365 support
  • Full ownership of the data and retention of the software rights
  • Custom tailored backup and data retention policy
  • Ability to customize their application and still remain in the cloud
  • Software updates and service packs at no additional charge.

Net4all and Pryv will offer four managed hosting packages with varied levels of support, beginning from a “get started” offering for POCs to a premium Platinum Package for large scale, mission critical environments. The Pryv and Net4all team will sit down with you for consultation to assess your needs and the level of support needed.  

Altran Switzerland and Pryv join forces to give Life sciences customers a GDPR-proof path to connected health applications
https://pryv.github.io/www/2018/06/19/altran-switzerland-and-pryv-join-forces-to-give-life-sciences-customers-a-gdpr-proof-path-to-connected-health-applications/
Tue, 19 Jun 2018 08:32:55 +0000

New partner alliance agreement set to benefit the connected health sector with smart, patient-centric medical devices meeting the highest levels of data safety, privacy and user empowerment.

Lausanne, June 15, 2018 — Pryv, the leading provider of privacy and personal data management software, announces that it has signed a partnership agreement with Altran, the leader in Engineering and R&D services empowering the next generation of healthcare evolution.

This partnership puts patients at the heart of MedTech innovation and protects their privacy in compliance with the most stringent data regulations, with Altran acting as an end-to-end R&D engineering partner developing smart, patient-centric and compliant medical devices. Pryv brings trust, transparency and control over the use of sensitive medical data.

“Medtech companies operate in one of the world’s most regulated environments, and scrutiny and complexity are only increasing” says Andreas Kuhn, CTO at Altran Switzerland. “Pryv extends our regulatory expertise with a rigorous data protection capability that accelerates time to compliance and enables privacy-preserving design from the outset of product development.”

Altran and Pryv teamed up to enable Riva Digital, a Swiss eHealth initiative tackling the problem of hypertension in Switzerland.

The initiative encourages citizens to maintain healthy lifestyle behaviors and instantly keep tabs on their blood pressure level right from their smartphone.

The medical-grade monitoring app builds on a breakthrough optical blood pressure monitoring method from the Swiss Center for Electronics and Microtechnology (CSEM), App development and integration from Altran and rigorous privacy and personal data management capability from Pryv. 

Riva Digital bets that one year from now 100,000 people will have demonstrably lowered their blood pressure.

Pryv helps organisations manage personal data from creation, to use, to sharing and enhanced rights such as portability and right-to-be-forgotten. Packaged for rapid integration, the software solution comes with a secure storage vault, encryption protocols, fine-grained consent management and comprehensive auditing capability that radically cut IT development costs and accelerate time-to-benefit while addressing most stringent data protection requirements.

Altran ranks as the undisputed global leader in Engineering and R&D services (ER&D), following its acquisition of Aricent. The company offers clients an unmatched value proposition to address their transformation and innovation needs. Altran works alongside its clients, from initial concept through industrialization, to invent the products and services of tomorrow. For over 30 years, the company has provided expertise in aerospace, automotive, defense, energy, finance, life sciences, railway and telecommunications. The Altran Group generated revenues of €2.9 billion in 2017, with some 45,000 employees in more than 30 countries.
