CASE STUDY
Meltmedia Case Study
How a digital marketing agency supports new biopharma clients by making their own software GDPR and CCPA compliant.
“RSI Security was the best conversation, had the most appropriate pricing, and was just the right amount of invasiveness for our organization.”
- Ron Barry, VP/Founder of Meltmedia
Challenges
Power Digital is a marketing agency that empowers its clients to maximize their potential by creating great customer experiences, building brand loyalty, and capturing new market share. Power Digital’s passion and processes help clients to become the best versions of themselves.
To better serve clients in the healthcare industry, Power Digital needed to achieve compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Under HIPAA, all business associates of covered entities need to limit the use and disclosure of protected health information (PHI) to permitted use cases. Eligible organizations must also install administrative, physical, and technical safeguards to ensure security, integrity, and confidentiality of PHI.
GDPR Pre-Assessment
Since most of their client’s digital marketing efforts would run on meltmedia’s software, the first step was to conduct a GDPR pre-assessment. This phase helped determine what changes or improvements to meltmedia’s software needed to be made to meet GDPR standards.
This was conducted by RSI Security’s team working alongside meltmedia’s internal compliance team of about three members.
“RSI Security has been great to work with, and their teams are easy to communicate with,” Barry says. “They gave us realistic tasks to work on – and a lot of help – throughout the whole process."
GDPR Remediation
After the pre-assessment phase, RSI Security’s team worked hand-in-hand with meltmedia to ensure their marketing software and data security practices were up to GDPR snuff while engaging their biotech sales prospects.
“Working with RSI has helped meltmedia solidify our commitment to being thought leaders in the data privacy and security space. As a company, we’ve always considered ourselves stringent about this, but understanding and implementing GDPR principles helped us take it to another level. We would not have been able to navigate through identifying gaps, updating our best practices, and creating a manageable plan for continued maintenance without the guidance and support of RSI as partners and resources.”
Ashley Beckman, Internal Project Manager of meltmedia
GDPR Operationalization
Finally, RSI Security helped meltmedia fully integrate and operationalize GDPR best practices into their software, resulting in full GDPR compliance. Not only does meltmedia have an official GDPR certificate of attestation, but their partnership with the new client is flourishing.
“Between our PCS team and operations team, we’ve been operationalizing GDPR with the help of RSI Security for over the last year. And it’s been a really great run,” Barry says.
Outcome
Thanks to meltmedia’s forward-thinking stance towards addressing GDPR well ahead of time – before even engaging with RSI Security – most of their software and processes are now built to be GDPR compliant from the ground up.
“Securing the client relationship was the big win for us,” Barry explains. “Even more important to our company globally is that these GDPR compliant solutions we built for one or two clients are now broadly available to every potential customer in our biotech and pharma marketplace.”
- Ron Barry, VP/Founder of Meltmedia