Novellas Healthcare certified GDPR-compliant after i~HD’s IDHIS audit

i~HD President Dipak Kalra (left) congratulates Novellas CEO Tom Torfs (right)

The European Institute for Innovation through Health Data (i~HD) formally launched their newest certification programme.

This launch was indeed an inaugural occasion. Prof Dipak Kalra, President of i~HD, representing i~HD’s certification board, granted the i~HD IG1-2020 certificate in the late summer of 2022 to Novellas Healthcare NV for their patient support programme. Mr Tom Torfs, Novellas’ CEO accepted the award.

i~HD President Dipak Kalra © Kamiel Maes

We are delighted to have worked with Novellas through our assessment of their organisational processes, staff capability and technology solutions, to help them to perfect their GDPR compliance and security safeguards, and finally to have issued them with the i~HD IDHIS Certificate.” shared Dipak Kalra, i~HD President.

 We started an unknown journey with i~HD in the belief that by doing so, we can highlight a higher level of quality and boost trust for our clients. We started an unknown journey with i~HD in order to reach a higher level of quality and to boost trust for our clients. I~HD is not only the first information governance certification programme of its kind but also the first audit programme that is very constructive.” said Tom, CEO of Novellas Healthcare.

Novellas CEO Tom Torfs receiving the certification © Kamiel Maes

Companies and organisations that successfully pass the IDHIS (Information Governance & Data Privacy for Health ICT Systems) audit receive the IG1-2020 certificate. External and expert auditors perform this audit and check whether an organisation’s health-data-governance execution is fully compliant with the European Commission’s General Data Protection Regulation (GDPR).

From day one, Novellas Healthcare team’s engaged themselves, entered the audit with transparency, and fully collaborated with i~HD and the certification board.

i~HD Managing Director Geert Thienpont © Kamiel Maes

During the first meeting with Novellas, it quickly became evident that increasing business efficiency by gaining trust was a focus within the company.” noted Geert Thienpont, managing director at i~HD’s.

The journey to obtain the certificate was accompanied by support and open communication. Constructive feedback throughout the process made both our companies better.” said Kelly Alix, Data Protection Officer of Novellas Healthcare.

Kelly Alix, Novellas Healthcare's Data Protection Officer

According to the certification board, Novellas is compliant with the six IDHIS audit criteria sets (with 142 criteria points) focusing on:

  • Accountability
  • Transparency
  • Information security management and Implementation
  • Audit readiness
  • Data Processing – Ethical Practice, Impact Assessments, Minimization, Accuracy and Retention
  • Enforcement and Corrective Action Capability

For Nathan Lea, one of the IDHIS auditors, this proves Novellas’ persistent dedication to data governance.

IDHIS auditor Nathan Lea © Kamiel Maes

As auditor, I am satisfied that Novellas’ Patient Support Programmes operate to the highest standards for GDPR and best practice adherence when handling health data.” Nathan Lea, IHDIS auditor, affirmed.

Both Novellas and i~HD recollected the smooth progress of the audit process, resulting from their close collaboration. Novellas’ participation in the audit process and subsequent certification proves that they uphold values. Moreover, it shows trust in the collaboration with i~HD.

Furthermore, Novellas’ sentiment during the experience was more ‘receiving guidance’ rather than ‘being audited’ in the optimization process. This ultimately led to a company profile of an engaged, qualitative and accountable partner for their clients.

i~HD Business Development and Audit Manager Christophe Maes © Kamiel Maes

Christophe Maes, i~HD’s Business Development and Audit Manager, told us that, on top of the audit, i~HD also provided training to Novellas, “The external GDPR experts of i~HD appreciated the readiness of the Novellas Healthcare staff to increase their GDPR maturity level. During the one-year journey, the i~HD experts assisted the staff with GDPR tutorials, GDPR implementation strategies and GDPR enforcement procedures.

i~HD has guided Novellas Healthcare perfectly in the optimization of processes within the company, which have an added value both internally and externally (towards clients).” remarked Inge Wyns, Novellas Healthcare’s Quality & Compliance Manager.

Novellas Quality & Compliance Manager Inge Wyns © Kamiel Maes
Anke Verheyen, Novellas Healthcare's International Project/Quality & Compliance Manager © Kamiel Maes

i~HD proves that the true standards of audit practice are found within the auditor’s character: honesty, integrity, self-control and high ethical values. This way of working makes i~HD unique in the field.” added Anke Verheyen, International Project/Quality & Compliance Manager for Novellas Healthcare.

Novellas team with certification (L-R) CEO Tom Torfs, International Project/Quality & Compliance Manager for Novellas Anke Verheyen, Quality & Compliance Manager Inge Wyns and Data Protection Officer Kelly Alix © Kamiel Maes

If you are interested to have the same certification to gain more trust in your organisation and company as data facilitators, visit the IDHIS webpage.