Compliance

Compliance at ScheduleOnce

The ScheduleOnce security and privacy program is a multi-layer system of controls designed to comply...

HIPAA compliance

Note: To comply with HIPAA, you must sign a Business Associate Agreement (BAA) with ScheduleOnce. Th...

GDPR compliance

The General Data Protection Regulation (GDPR) is the European Union's new data protection legislatio...

Maintaining records of processing under the GDPR

Under Article 30 of the GDPR, data controllers and data processors are required to maintain appropri...

The ScheduleOnce BAA

The ScheduleOnce Business Associate Agreement (BAA) is a legal mechanism for ensuring patient data i...

Establishing a lawful basis for processing under the GDPR

Under Article 6 of the GDPR, controllers must have a lawful basis for processing data. There are sev...

Collecting consent for processing under the GDPR

The General Data Protection Regulation (GDPR) requires organizations to establish a lawful basis for...

Securing your account according to the GDPR

Data protection by design and default require controllers to ensure the security of their ScheduleOn...

Data minimization under the GDPR

Data minimization is a key GDPR principle. Article 5 of the GDPR states that data collection should ...

Data subject rights under the GDPR

The General Data Protection Regulation (GDPR) grants new privacy rights to data subjects. The aim of...