Recently, joined forces with SoftComply to present an introductory webinar on MDR and GDPR. Here's your chance to watch if you missed it.

Last month, and SoftComply presented a webinar titled "MDR & GDPR: practical tips and tools for health innovators." The webinar focused on the link between MDR and GDPR, highlighting some of the key aspects and showing useful tools that can help. MDR is a hot topic right now, so we have made the recording of the webinar available for everyone.


In the first half of the webinar, Matteo Gubellini from SoftComply presented an overview of how MDR differs from the existing MDD. He explained the new requirements that MDR imposes. Then he showed the timeline for certifying devices including details of how long MDD certificates remain valid. Importantly, Matteo explained that some devices cannot take advantage of these extended deadlines. That means those devices MUST receive an MDR certification by May 2020. Specifically, this affects devices that are self-certified under MDD or that don’t fall under MDD at all.

Devices that are self-certified under MDD must receive an MDR certificate by 26 May, 2020.

At the end of his talk, Matteo showed how SoftComply is able to help with the compliance process, especially with document management.


In the second part of the webinar, our CEO, Dr Jovan Stevovic, talked about the link between GDPR and MDR. Effectively, MDR requires you to comply with the GDPR. In other words, if your health application is not GDPR compliant, it will not get an MDR certificate. Jovan explained that health applications are generally delivered using Platform as a Service or Backend as a Service. He showed examples of these and highlighted that some major providers are not suitable for health applications. This is because the technology they use is not sufficiently secure for either GDPR or HIPAA (the US act dealing with health data).

Google Firebase and AWS are not suitable for storing health data without putting in place additional measures.

Jovan summed up by explaining that this is a heavily regulated market. As a result, you need to choose your provider carefully and seek advice on technical, legal and compliance matters.

If you were unable to attend the webinar, you can still view it using the link below. And please sign up to our newsletter if you want to be informed about future webinars and events.