RODO (GDPR) and information security

PUBLIC ORGANIZATIONS
Protection of natural persons with regard to their personal information is one of the key requirements public organizations are obliged to observe to ensure their reliability and compliance with statutory law. The processing of personal information is guaranteed to be effective and compliant with the law when employee awareness regarding risks in this area is combined with and supported by optimal technological and organizational security solutions.
Our longstanding experience in building personal data and information security management systems will help your organization meet legal requirements and ensure secure information processing.

RODO/GDPR – General Data Protection Regulation

The requirements of RODO/GDPR with regard to protection of personal information of natural persons rely on fundamental principles such as compliance with the law, reliability and transparency, purpose limitation, minimisation and accuracy, storage and retention, accountability, data integrity and confidentiality. In our RODO/GDPR implementation process we use the most up-to-date and reliable management practices.

Our consultants, using the SenseMaking Consulting Group methodology for the implementation of personal information protection systems in public sector organizations, will help you carry out an effective risk analysis and implement the best security practices compliant with RODO regulations.

ISO 27001 and ISO 27002 – information security

To assure an effective implementation of the information security management standards, an organization must meet statutory requirements for data protection and legal compliance, take into account the specificity of the public sector environment, and use relevant IT tools and solutions.
We will help you effectively implement an information security management system, relying on our original SenseMaking Practices© methodology and using reference models specific to public sector organizations. We will conduct risk analyses and suggest optimal information security solutions compliant with existing legal requirements, and guaranteed to effectively protect your processed information. Following the successful implementation, we will assist your organization towards obtaining the ISO 27001 Certificate.

KRI (NIF) – Krajowe Ramy Interoperacyjności/National Interoperability Framework for Poland

To implement the minimal organizational and technological regulations for the interoperability of ICT systems and public registers, an organization needs to modify its IT architecture and infrastructure in order to ensure optimal operational performance and compliance.
Our implementation methodology, based on longstanding practical experience, will help you effectively adjust your ICT system to a standard compatible and compliant with the National Interoperability Framework.