Personal details of citizens who needed help from government institutions, medical information of people who had themselves tested for COVID-19 by a commercial company, or companies that share information about their customers with the police. This year alone, we have read about several major data leaks in the media. In 2021 too, privacy will remain an important topic of attention.
European Privacy Day
Once a year, today on January 28th, we celebrate European Privacy Day. The purpose of this day is to inform citizens better about their rights regarding the use of their personal data. On this day, companies and organisations are encouraged to improve the protection of personal data. But how do you ensure good data protection? And how have we arranged this? We have listed the most important points of attention for you.
Agree on privacy guidelines
Organisations consider data privacy important, but often don't know where to start. The problem is that most organisations have not put anything down on paper with regard to privacy. Therefore the advice: draw up a privacy regulation. Such regulations describe in which cases the company's interests take precedence over the employee's right to privacy. It doesn't matter in what way employees exchange information, whether that's via Plek, Slack, SharePoint or email.
Don't use unsafe tools
Think carefully about using tools that are actually intended for private use. Before embarking on the use of a platform such as Plek, organisations are often at a loss as to what to do. Often, employees choose unsafe tools, such as WhatsApp, for lack of a better solution. But as soon as it is used for business communication, the employer is responsible. The employer often does not know who is in which WhatsApp group - and whether former employees are removed from them.
Golden rules of Plek
Being a software platform, we have implemented strict rules ourselves, for our customers but also internally. Information security is one of our top priorities. If you use Plek, you are the owner of your data. For all our clients, we draw up a clear processing agreement. We are ISO 27001 certified, as is our (Dutch) hosting provider. We also comply with the BIR 2017 (Privacy regulations imposed by the Dutch Government). We have implemented strict security rules both internally and externally. We regularly have penetration tests and audits carried out to test whether our policy, hosting, our working method and platform continue to meet the high requirements.
Within our own organisation and for our employees, we apply 'golden rules'. Rules that every employee must read and follow at the start of their job. We think about our password policy, use of software and hardware. We report data risks and we have made agreements about sharing documents and sensitive information. We update and discuss these rules annually. This way, we always ensure a safe workplace. And you, how safe is your Plek?