We at Chino.io are proud to announce that we have become the first medical DB as a Service provider to receive ISO 13485 certification.

In the upcoming months, we will travel across Europe to the events in digital health. This short blog post will provide you with a summary of these digital health events and why you should join us there!

By storing data locally on a user's device, you have fewer administrative obligations compared to when you transfer and process data in the cloud. However, you still need to provide methods to delete data in case of device theft or loss.

Under GDPR, anonymous data is not treated as personal data, therefore no user consent and no particular protection is required. However, it is very difficult to ensure that the data is truly anonymous.

This brief post summarizes some of the key points relevant to Digital Health companies.

The typical ticked boxes in subscription forms are no more enough: in four months from now every company will have to ensure that the consents on processing of sensitive data.

Certification bodies and Italy's DPA can then issue certifications. However, these need to follow some "certification criteria" (as demanded in art. 42(5) GDPR) which must be as well identified by the Garante.

One of the many new concepts introduced by the GDPR - the EU General Data Protection Regulation - is the Data Protection Impact Assessment (DPIA), regulated at art. 35. The DPIA can be defined as a process designed to.

As a Digital Health Enterprise, one of your first concern should be how to protect the health sensitive data that you are collecting from your users and storing/managing in your service.