Personal data protection
We examine the areas in which the Customer processes personal data, we assess relevant security measures and the legality of activities, and identify the processes for which personal data is collected.
Despite the amended Act on Personal Data Protection that came into force at the beginning of 2015, issues related to privacy protection still raise many doubts. Undoubtedly, apart from financial losses, the infringement of legal provisions related to personal data protection may give rise to consequences that are difficult to predict. These may be even more harmful as they involve loss of reputation of a company or specific orders that severely restrict its current operations. Therefore, it is advisable to check to what extent legal requirements are observed by a given organisation.
The purpose of the audit is to see whether the mechanisms that ensure personal data protection as part of company processes comply with the Act on Personal Data Protection and implementation regulations.
The audit verifies the adopted security methods not only in terms of legal requirements but also whether they are in line with the good practices indicated in PN-ISO/IEC 17799:2003.
The audit is conducted in line with the audit guidelines on compliance with BS 7799-2 (PN-I-07799-2:2005) that describes a model integrated information security management system, in which one of the elements pertains to aspects related to personal data protection.
Our experience in IT consultancy, compliance and information security gives us a wider view of the many problems arising from personal data protection and allows us to recommend solutions for the Customer that ensure a higher organisational security level than that required by legal provisions for personal data protection. We see to it that recommendations presented by us correspond to the situation and organisation of the Customer.
- Identification of risks related to information security.
- Discovery of irregularities and recovery propositions.
- Practical recommendations that correspond to your situation and organisation.