Each of us is a person processing various types of data. Processing is not only sharing, modification, preparing or recording, but also mere storage of data. Inadequate protection and handling it can not only be a cause of financial problems, but also lead to enterprise liquidation or unpleasant legal consequences. For this reason, certain entities have special duties concerning data confidentiality – particularly personal information and sensitive data. Protection of this data is also an important element of management control in an entity.
Determining the protection rules for processing personal information and other legally protected information, taking into account all procedures covering technical and organisational means related to proper protection of personal information, is the responsibility of the Data Administrator (DA). Control and supervision of compliance with these rules are the duties of the assigned Information Security Administrator (ISA).
ISA duties include:
• Reporting and updating data sets, and correspondence with Inspectorate General for Personal Information,
• Preparing internal executive regulations concerning the method of processing personal and employee information, and technical and organisational means ensuring its safety, and supervising their deployment and the entire protection system,
• Approving templates of documents related to personal information protection, authorisations for their processing and their scope, declarations of familiarity with regulations and their registering,
• Restriction of unauthorised user access to the personal information processing system and monitoring all users’ access,
• Conducting training on personal information protection.
Proper organisation of such protections must enable processing the information in a manner that is confidential, integral, verifiable and accessible for authorised users.
DA can, by way of a contract, entrust the information processing to another entity. Velvero offers ISA service outsourcing and preparation, deployment and supervision over correct functioning of the personal information protection system.
As Velvero, we offer:
Delegating such duties to Velvero will provide you with a guarantee that personal information is stored and processed in a safe manner compliant with current legal regulations. Professional consulting on this subject will enable minimising the risk of data leaking outside the entity’s area and limit the access of unauthorised persons to the data system.