One of the most frequent questions we get asked is:

“Is WriteUpp GDPR compliant?”

Unfortunately, it’s the wrong question to ask as “compliant” implies a level of ratification that doesn’t exist. No one is certified against GDPR.

Whether you’re a data controller or data processor, it’s your responsibility to comply with the regulation based on:

  • your interpretation of the regulation
  • the applicability of the regulation to your specific business
  • your assessment of the risks associated with recording and processing personal data

As there isn’t a box that we (or you) can tick to say you are compliant, you can look for the  ISO27001:2013 certification: it is recognised worldwide as the standard for information security management.

GDPR and ISO27001:2013 are not one in the same thing, but in the absence of any mechanism to validate compliance with GDPR, it:

  • is a rigorous and rewarding process to go through in tandem with GDPR
  • independently challenges our internal systems, processes and thinking on security
  • provides data processors (like you) with peace of mind about our security management systems

WriteUpp has been ISO27001:2013 certified since 2017. Below is our certificate:
QMS
To ensure that we don’t rest on our laurels an annual audit is carried out by an external third party to ensure our systems continue to meet the stringent requirements set out in the ISO 27001 standard.

If you’re unfamiliar with ISO27001 you can find out more here -> ISO27001:2013 Information technology — Security techniques — Information security management systems — Requirements

If you would like to verify our certification please click here and enter our Certificate Number: 275372018

Author

Bob is the CEO and Co-Founder of WriteUpp. He has led WriteUpp from its original roots in the NHS to its position today as one of the leading practice management systems in the AHP space. He’s a thirty-year veteran of the technology industry, previously working for major tech companies like Oracle before becoming the youngest CEO of a publicly quoted business in 2000. Outside of work, Bob spends time with his family and travels extensively.