Privacy Policy
At Medisights, we are committed to maintaining the highest standards of data integrity and transparency. This Privacy Policy outlines how we handle data in our syndicated market research and the rigorous protections we have in place should the processing of personal information become necessary.
Our Role as Data Owner
Medisights Holdings Inc is the Data Owner of all syndicated data sets provided through our services.
No PHI/PII Processing: In our standard operations for supplying syndicated market research, Medisights does not process Protected Health Information (PHI) or Personally Identifiable Information (PII).
Anonymity: Our research is designed to provide market insights without compromising individual privacy.
Data Protection Principles (GDPR)
While our primary business model avoids the use of personal data, we maintain a robust framework to ensure compliance with GDPR Article 5 if processing is ever required. We adhere to the following principles:
Accountability: We maintain detailed records of processing activities.
Risk Assessment: We conduct Data Protection Impact Assessments (DPIAs) for any high-risk processing activities.
Security: We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk.
Regional Compliance
United Kingdom & Europe
For all European and UK-based operations, we strictly adhere to the EU GDPR and the UK Data Protection Act 2018. We follow the Information Commissioner’s Office (ICO) guidance regarding security, accountability, and the rights of data subjects.
United States (HIPAA)
Medisights Holdings, Inc. systems are not required to be HIPAA compliant. This is because our systems do not process US Protected Health Information (PHI).