Veeva Network and GDPR
Designed for life sciences, Veeva Network Customer Master consolidates everything you need to know about your customers giving you accurate and clean customer master data which is the foundation for GDPR compliance.
Read our blog: Why Master Data Management is the Foundation for GDPR Compliance
Veeva Network has data governance functionality and data change request workflows to make sure that data is current and accurate. Since Veeva Network is pre-integrated with Veeva CRM data change requests can be submitted directly from the field force. Data stewards review and approve change request to make sure that only verified data is stored in the application. This process allows a fast and correct response to rectification requests.
Right to Be Forgotten
Veeva Network Customer Master provides two different options to handle deletion of personal data requests. Life sciences companies can either use the “Custom Opt-out” functionality in order to flag HCPs as opted-out and to restrict visibility on opted-out HCPs. This opted-out flag can be distributed to integrated downstream systems.
Learn more »
Alternatively, life science companies can use more rigorous functionality. Veeva Network has functionality to delete and anonymize HCPs and restrict visibility on deleted records. Integrated downstream systems can be notified about the deletion and anonymization of an HCP record.
Veeva Network has rich functionality to get insights into master data via the Network Reporting module. With Network Reporting you have the possibility to explore the complete customer master data managed in Network. The reporting results can easily be downloaded into a CSV file.
Learn more »
You can also export HCPs personal data into commonly used data formats. Life sciences companies can use file exports, SQL-based reports as well as APIs to transfer HCP records to other applications or services.
Learn more »
Storage Period Limitation
Veeva Network has functionality to delete and anonymize HCP records when the storage period has expired. Integrated downstream systems can be notified about the deletion and anonymization of an HCP record.
Veeva has an Information Security Management System (ISMS) and maintains current ISO 27001 and 27018 certifications. Veeva is continually reviewing its security measures for enhancements, including as part of its GDPR Compliance Program.
Veeva has a data breach management policy and a security team in place to identify violations and to ensure correct and timely action. If Veeva becomes aware of a data breach, it will contact the customer(s) affected within 72 hours.