We are cooperating with our customers regarding solutions for the Personal Data regulations.
The European Union has enacted Personal Data regulations, which will apply from May 2018. In the spring of 2017, the Ministry of Justice is expected to present preliminary legislation for enactment during the spring of 2018.
Schantz’ handling of personal data regulations
Schantz has initiated a project which includes a reference group consisting of recognized experts in the field. The Personal Data regulations are likely high up on our customers’ agendas, and in this respect we are a key stakeholder. Therefore, during the course of the coming spring of 2017, we will begin collaborating with selected clients to pinpoint potential solutions regarding this important area. Subsequently, we will start a dialogue with all of our customers about necessary measures in relation to their cooperation and contracts with Schantz.
The project’s plan and workflow:
- The project is currently performing a risk assessment of Schantz systems, processes and agreements in relation to the Personal Data Regulation. The risk assessment execution is based on the ISO27005 check list, with the addition of a scale indicating the amount and degree of sensitive data that is processed and/or stored
- The Risk analysis is accomplished using internal forces across the Schantz organization with sparring from experts within privacy legislation and auditing IT secure processes
- The Risk analysis provides the foundation for assessing development needs
- Development of systems, policies and training will be carried out in 2017, and it is planned to finish in January with an audit
- From January to May 2018 we will apply adjustments according to comments from the audit
For more information about the personal data regulation, please contact COO Stiig Berg Andersen.