Medica, once a small business, has grown into the premier provider of managed services to the HSE and the leading teleradiology provider in Ireland and the UK. With a dynamic and innovative approach, the company has expanded its reach significantly. Serving over 36 HSE hospitals and private clinics, Medica has facilitated the treatment of more than 250,000 patients this year alone. With a workforce of over 180 employees in Ireland, Medica continues to evolve and advance in its industry.

Challenges Medica faced

Initially, Medica encountered several challenges that highlighted the need for PrivacyEngine’s solutions. With the advent of GDPR in 2018, our journey toward compliance underscored our requirements. Even though we had worked with PrivacyEngine (then called Sytorus) briefly during our GDPR preparation phase, it became clear that:

  1. Consistency and Churn in DPO Roles: We experienced turnover in Data Protection Officer roles, which made consistency a challenge in our data protection efforts. Each new DPO had their own approach and preferred methodologies, which didn’t always build on what was previously done and felt a little like ‘starting over’ each time.
  2. Manual and Inconsistent Processes: Prior to partnering with PrivacyEngine, we were mired in manual processes for managing our data, including using a manual excel data information asset register. These processes were inconsistent and subject to the interpretations of various individuals, complicating our data management and making policy enforcement challenging.
  3. Complex Regulatory Compliance Landscape: Navigating the complexities of GDPR compliance made it evident that we needed a more structured and robust approach than our ad-hoc, manual methods and the interpretations brought by different DPOs.

Solutions Medica Implemented

Adopting PrivacyEngine’s platform was a game-changer for us, enabling us to tackle several critical issues head-on:

  1. Establishing Consistency: PrivacyEngine’s system brought much-needed consistency to our data protection strategy, significantly mitigating the impact of internal staff turnover from both DPO and data champion perspective. The platform provided a structured approach and embedded expertise, ensuring continuity in our data protection practices, regardless of personnel changes.
  2. Streamlining Processes: Shifting from manual to automated processes simplified our data management tremendously. The platform offered clear, consistent processes for data entry, managing contracts, and reviewing policies, thus enhancing our efficiency and reducing errors.
  3. Practical and Pragmatic Data Protection: PrivacyEngine helped us adopt a more pragmatic approach to data protection. The platform made GDPR compliance more practical, focusing on straightforward, clear actions and policies – all linked clearly.

Results and looking to the future

Medica are experiencing multifaceted results, affecting not just our efficiency but overall culture around data protection.

  1. Enhanced Consistency and Efficiency: Implementing PrivacyEngine’s platform established a foundation of consistency across our data protection efforts, streamlining processes and making our operations more efficient. This consistency was crucial for handling policies, training, and data management, eliminating the need for reassessment and reinvention.
  2. Improved Data Protection Training: Through PrivacyEngine, we were able to roll out effective data champion training, significantly enhancing management’s engagement with and understanding of their data protection responsibilities. This training, facilitated by the platform, demystified data protection for our staff, emphasizing the critical role everyone plays in GDPR compliance.
  3. Broad Organisational Impact: Beyond operational improvements and training advancements, PrivacyEngine’s solutions have fostered a broader cultural shift within our organization towards data protection. The platform has enabled a more cohesive and informed approach to GDPR compliance, empowering our team with the knowledge and tools to be proactive in data protection. This shift has ingrained data protection into our daily operations, enhancing our overall compliance and reducing the risk of breaches.

In essence, how Medica have utilized and harnessed PrivacyEngine’s offerings is a testament to the transformative impact of PrivacyEngine’s products and services, from addressing our initial challenges to solving key issues, and ultimately significantly influencing our approach to and culture of data protection.


“PrivacyEngine helped us adopt a more pragmatic approach to data protection, steering us away from complex interpretations that could alienate staff. The platform made GDPR compliance more practical, focusing on straightforward, clear actions and policies.”

  • Caroline Byrne
  • /
  • CEO Medica