Veeva Nitro and GDPR
Veeva Nitro is a pre-built commercial data warehouse for life sciences. With its industry-specific data model and standard data connectors, companies can easily unify their most important data sources. Veeva Nitro is the foundation for artificial intelligence in life sciences.
Right to Be Forgotten
Accounts deleted from Veeva CRM are automatically inactivated in Veeva Nitro and can be excluded from visualization.
Veeva Nitro offers you multiple ways to extract personal data. It can be extracted via UI-driven or API-driven methods, including reports, report/dashboard APIs, query tools, and third-party ETL tools.
Alternatively, you can build a Veeva CRM MyInsights visualization summarizing personal data stored in Veeva Nitro. This summary can be printed and exported to be shared with your customers.
Restriction of Processing
Records in Veeva Nitro can be identified, exported, and deleted upon receiving a verified request to restrict processing in Veeva Nitro or allow access to visualization tools. If the restriction is lifted at a later date, the records can be re-imported.
Updates made to personal information in Veeva CRM are synced to Veeva Nitro.
Veeva Nitro keeps an effective dated history of most personal data.
Veeva Nitro can store values, including changes to the consent values over time. The personal data is sourced from Veeva CRM.
Veeva has an Information Security Management System (ISMS) and maintains current ISO 27001 and 27018 certifications.
Veeva continually reviews its security measures for enhancements, including as part of its GDPR Compliance Program.
Veeva has a data breach management policy and a security team in place to identify violations and to ensure correct and timely action. If Veeva becomes aware of a data breach, it will contact the customer(s) affected within 72 hours.
Privacy by Design
Veeva has established privacy by design and privacy by default policies and controls for all products.