Overview

Castlebridge worked with an early stage MedTech startup working in the medical messaging space, advising on the implementation of Data Protection by Design and providing outsource DPO services.

The Pain Point

The client was an early stage MedTech startup founded by a medical professional who had identified potential issues and risks arising from the use of “consumer grade” instant messaging applications on smartphones by medical professionals to share patient information with colleagues for consultations.

The client lacked sufficient expertise and understanding of data protection law and practice to clearly define the market need and also required assistance in engaging with existing healthcare Information Governance procedures in Ireland, the UK, and other jurisdictions.

Assistance also required implementing Data Protection by Design/Privacy by Design concepts in product road map, particularly in respect of additional innovations in the context of ChatBot technology applications implemented through the secure messaging application.

The Plan

Castlebridge engaged with client as an Outsource DPO. We conducted detailed research into commonly used messaging applications, both “consumer” and existing clinical SMS systems operating in other jurisdictions. We trained the Senior Management team in Privacy by Design, as well as providing support to the team when engaging with healthcare DPOs and procurement functions in Ireland and overseas.

The Outcome

While the client’s application and market proposition have evolved since the initial engagement, Castlebridge is still engaged with them providing support and engaging on queries. The original product vision of a secure medical messaging application has evolved into a conversational decision support and information distribution tool based on bot technologies.

The potential for this approach to support data protection obligations such as purpose limitation and data minimisation was identified early on in workshops between Castlebridge and the client.

The client’s vision of improving information exchange in a clinical environment with simple and intuitive tools that support data protection obligations and data quality needs continues to develop, with Castlebridge continuing to assist.

Project

Secure Medical Messaging

Sector
  • MedTech
  • Startup
What We Did
  • Research
  • Strategy
  • Privacy by Design
  • Outsource DPO
  • DPIA