Our Data Protection Organization
Fresenius Kabi operates a central data protection center of competence. This center has set up a data protection management framework in alignment with ISO 29100 (privacy framework for the protection of personally identifiable information). The competence center aims to implement a harmonized and consistent way of processing personal data across all Fresenius Kabi entities. It sets the policies, procedures and standards for data protection and provides tools and processes for the employees as well as training and awareness material. Furthermore, this center provides expertise on all data protection topics.
Our local data privacy advisors at the various Fresenius Kabi legal entities support local management in their compliance efforts. They do this by executing risk and compliance assessments for the different data processing activities. With these assessments we aim to integrate data protection requirements into the design of our processes and IT systems.
At Fresenius Kabi, we know information security is important to our customers, patients, and business partners. We are committed to maintaining information security through responsible management, appropriate use, and protection in accordance with legal and regulatory requirements and our agreements.
The monitoring of our data protection compliance efforts is overseen by our data protection officer.
Our Data Protection Policy
The Fresenius Kabi Group has adopted Binding Corporate Rules on the protection of personal data. These rules have been approved by the European Data Protection Authorities and describe the principles for protecting personal data and determine how we apply them when collecting and processing personal data.
The Fresenius Binding Corporate Rules and associated security policies and procedures aim to create a global adequate and uniform level of data protection across our group. They also set the rules for the internal data transfers between Fresenius Kabi companies and our internal service provider worldwide.