Blueprint OMS and the General Data Protection Regulation (GDPR)

March 29, 2018

We are now getting close to the date when the European Commission’s General Data Protection Regulation (GDPR) will take effect. Blueprint Solutions currently provides leading office management solutions for hearing healthcare providers in five EU countries, and as such is subject to the regulation.

Blueprint Solutions has been preparing for the regulation to take effect. In this brief post, I will address some of the common questions that we have received regarding GDPR, starting with the first and most pressing question: Is Blueprint Solutions in compliance with the regulation? The answer is YES. Here are some additional questions we have received from our clients.

Q: Where is my data hosted?
A: Data for European-based clients is stored in a secure data center in London, UK, which is managed by our infrastructure partner EveryCity. The data center provides the latest server and security technology and is ISO 27001 certified. More information about our data center and its security measures can be found here:

Q: What about backup?
A: Data is backed up both onsite at the data center, as well as at another secure site also in the UK. Blueprint Solutions retains hourly data backups for 24 hours and nightly data backups for 30 days. They are stored at multiple physical locations within the UK.

Q: Is my data encrypted when transmitted?
A: Yes, data is encrypted using 128-bit encryption.

Q: What data access controls are in place?
A: First of all, each user must have a unique user ID and a password. In addition, access can only be obtained through the Blueprint OMS application, and a unique access key is required to activate the application. In other words, access cannot be obtained through a web browser, as is the case with many other applications. Access to the system can also be restricted by IP address.

Q: What if I want a copy of my data?
A: As per our license agreement, your data is your property and is considered confidential. We can provide you a complete, encrypted backup of your data within 1 business day of the request. 

Since Blueprint Solutions is also providing office management solutions for hearing healthcare providers in the US, we are subject to, and in compliance with, the Health Insurance Portability and Accountability Act (HIPAA). There are similarities between the two regulations, and in many cases the HIPAA regulation has more specific and stringent requirements.

It is also important to mention that some requirements rest specifically on the clinic, including data security on the PC level and obtaining patient consent for distinct purposes of processing. Consent must now be obtained separately from other written agreements, clearly presented and as easily revoked as given. Specific rules apply for children.

For questions or comments, please contact Henrik Nielsen at                     
