LabKey Server provides a broad range of tools to help organizations maintain compliance with a variety of regulations including HIPAA, FISMA, CFR Part 11, and GDPR. GDPR compliance can be achieved in a number of different ways, depending on how the client organization chooses to configure LabKey Server.
The core principles of GDPR require that users in the EU are granted the following:
- The ability see what data is collected about them and how it is used
- The ability to see a full record of the personal information that a company has about them
- The ability to request changes or deletion of their personal data
To comply with the GDPR, client organizations must implement certain controls and procedures, including, but not limited to:
- Defining what "deletion of personal data" means in the context of the specific use case
Your compliance configuration should be vetted by your legal counsel to ensure it complies with your organization's interpretation of GDPR regulations.
Premium Resource Available
Subscribers to premium editions of LabKey Server can learn more about how GDPR compliance was achieved at LabKey in the following topic:
Learn more about premium editions