Feature in Focus – GDPR
Our ‘Feature in Focus’ this week isn’t really a feature, but more a set of features based around keeping you and your organisation compliant with GDPR.
GDPR was introduced in May of 2018 and was ‘designed to modernize laws that protect the personal information of individuals.’ Many childcare providers will have made wholesale changes to the way they gather, hold, and share personal information of their children or parents as a result of the multiple policy changes. With data security of the highest priority and daunting noncompliance fines looming, magicbooking have generated a platform which can be the solution to your GDPR headache.
So how does Magicbooking ensure you comply with GDPR?
Magicbooking is fully compliant with GDPR regulations and, therefore, your data is protected. Before making any bookings, parents must register an account and complete details of themselves and their children set by you using mandatory or optional fields. Each parent has their own log-in and password and can update information when required. Magicbooking is fully transparent about what and how data is stored and the terms and conditions of both Magicbooking and the relevant client are always available for parents to access through their account.
Magicbooking also makes the process of choosing to be forgotten easy and clear, with a dedicated tab for the process on the parents’ ‘My Account’ page. Parents can make a request to be forgotten and this is submitted to the clients’ administrators. As you are probably aware, there are legal requirements to keep some records including injury or incident reports and financial data. Therefore, once a request is approved, the parent’s account is anonymised but the underlying data can be recovered if necessary.
From a clients point of view, Magicbooking is a market leader in how it grants differing levels of access to members of a clients organisation. Clients can allocate access levels for different adminsitrators, for example you can restrict access to financial data to certain staff. This ensures that data is only available to those who have a legitimate use for it.
Magicbooking provides a full audit trail for clients so you are always able to see the activity on an account including the person who made the transaction. We also use the highly certified security of Microsoft Azure as our cloud storage system which means that should the worst occur, data breaches can be easily identified, and users notified well within the mandated 72-hour period.
All these features ensure you are compliant at all times and have control over the data you store and who you share it with.