What we do Data protection

Privacy, security, and data protection by design

All of our products are designed to preserve privacy, safeguard data and defend individuals’ rights.

1

Strict framework of data management and security

2

Fully embedded technical and safety controls

3

Advanced cryptography for privacy and integrity

4

Complete data lifecycle approach

5

Stringent third party contracts to control data use

6

Thoroughly trained and accountable team

Pseudonymisation vs anonymisation

We believe that there is only one way to protect individuals’ data, and that is to fully and irreversibly anonymise it. At FITFILE, we never pseudonymise data, and this is why:

 

 

Legal and regulatory compliance

We are proud to defend individuals’ rights. What we demand as individuals, we deliver as FITFILE professionals.

Our processes naturally comply with all applicable laws and regulations.

A forensic review by Taylor Wessing confirmed that our technology and processes render data irreversibly anonymised, and that the GDPR no longer applies post-anonymisation.

However, we believe trust is built and maintained not by mere compliance, but by a higher ethical standard. This is enforced by FITFILE’s Advisory Council, which oversees all of our data operations.

Certification and accreditation

Defending individuals’ rights by safeguarding their data and privacy is why FITFILE is different. Data protection, privacy and security are the foundation of everything we do, ingrained deeply in our culture, processes and technology. Some of the key global standards we comply with include:

Data Protection and Privacy

Security & Quality

Data custodianship

FITFILE’s data custodianship is built on inter-locking pillars of organisational structure, governance, and technology. Our custodianship focuses on ensuring proper data handling, separation of data providers and users, transparency, and best practices through independent oversight by FITFILE’s Advisory Council.

Our Advisory Council is responsible for making recommendations on data handling, policies and procedures, secure long-term custodianship, and compliance.

The Advisory Council consists of carefully chosen healthcare experts and patient representatives known for their experience and sector qualifications. Their voice ensures that all company decisions and policies are grounded, and in line with best practice Patient and Public Involvement and Engagement (PPIE).

Our technology