GDPR compliant

In light of rapid technological developments and increased globalisation, the European Union created the General Data Protection Regulation. Replacing all data-related national laws, GDPR is directly enforceable in each EU member state.

Management of confidential and sensitive data is fundamental to the work of clinicians. As a result the new regulation affects doctors by introducing legal requirements around consent, transmission and storage of data. Private practice managers need to implement appropriate administrative and technical measures to ensure healthcare data is not susceptible to attack, misuse or misappropriation.

We take data protection seriously, as should every organisation, especially one dealing with sensitive data like patient and healthcare details. By implementing IT policies and procedures we maintain the integrity of your data and protect your patients’ privacy.


In order to prevent malicious attempts to intercept or read data, strong encryption algorithms and protocols are applied. The Zero Knowledge technology guarantees that no one but you can read sensitive patient information. Health data are encrypted at all times, both in transit and at rest, and only the authorised user holds the decryption key. As a result, even in case of a security breach, the attacker won’t be able to read the information.

Controlled access

It takes teamwork to run a private practice. Physicians, front office employees and nurses work simultaneously in Galen Office; but they have access to different types of information. The system administrator can define, assign and manage access levels and permissions. Restricting data access to what is required for each role is essential, if you want to prevent breach of trust and sensitive data leaks.

Continuous monitoring

At Galen Office, we run regular scans to expose suspicious activity and unauthorized attempts to access data, and flag them. Auditing allows us to identify weak spots and act immediately to strengthen them.

We have thoroughly analysed GDPR requirements and have put in place a dedicated internal team. Galen Office applies layers and system processes that characterise data protection in a distributed and highly dynamic data environment.