What is Butterfly doing to comply with the GDPR?
Butterfly has embarked on a compliance project with support from specialist external advisors to address GDPR compliance. Specific measures we have taken include:
- Appointing a data protection officer (DPO) to oversee the continued development of Butterfly's commitment to data protection.
- Amending our contracts with vendors and customers to ensure the terms comply with the GDPR.
- Ensuring our privacy policies and notices clearly explain Butterfly's commitment to the GDPR and the rights which individuals have with respect to their data. You can review the Butterfly Privacy Notice here.
- Formalizing our processes around data subject rights to ensure that we are able to more efficiently help our customers respond to data subject requests.
- Ensuring the use of robust and appropriate security measures to safeguard any data collected and processed on systems owned or managed by Butterfly.
- Carrying out Data Protection Impact Assessments to identify and minimize risks to Patient Data.
- We are in the process of self-certifying to the EU-US and Swiss-US Privacy Shield Frameworks to ensure that customers can lawfully transfer EEA and Swiss data to Butterfly for processing and storage in the United States.
Butterfly Network is committed to addressing GDPR compliance and understands the importance of this to its customers. For more information, visit our GDPR FAQs.