HR SOLUTIONS’ APPROACH TO DATA SECURITY
As a business, HR Solutions takes data security very seriously, and we already have robust systems and procedures in place to protect client data. In 2017, we embarked on a detailed review of our overall security arrangements, both physically and digitally. This has resulted in a few enhancements to our operating procedures and access to our offices. We shall ensure that our IT infrastructure continues to evolve as the cyber threat landscape changes.
Cyber Essentials
As part of the detailed review of our data security, we decided to go for Cyber Essentials to benchmark what we have been doing with a view that we would hopefully also become Cyber Essentials certified. We are pleased to be able to tell you, that HR Solutions successfully achieved Cyber Essentials certification on 3rd July 2017.
Staff Training and Awareness
In addition to achieving Cyber Essentials, and partly due to the changing landscape in relation to Cyber Attacks, we have enhanced our staff training and awareness in relation to Phishing, Malware and Social Engineering, as well as Physical Security and processing of personal data. This is an ongoing programme that continually educates our staff, through a series of online training and workshop based events.
ISO 27001 – Information Security
We already have strong processes and procedures in place, and earlier in 2018 we started down a path to achieve ISO 27001 (Information Security). In part, this is for us to be able to be recognised for the processes we already have in place, but also to be able to provide reassurance to our clients. On 29th March 2018, HR Solutions, at the first attempt, achieved ISO 27001 certification of approved information security management systems, for the administration of providing HR Solutions to our customers, including all functions based at and operating from our offices in Kettering, Birmingham, Milton Keynes and London.
Risk Management
We have a Senior Management Team that meets regularly to review and manage identified risks, and we also have an Information Security Working Group that is made up from members of the wider HR Solutions team from different areas of the business. Our aim is to have open conversations in relation to risk management and respond quickly to mitigate these risks.
General Data Protection Regulations (GDPR)
We have been working to demonstrate our commitment to GDPR, which is demonstrated in the hardening of our IT Infrastructure and achieving Cyber Essentials certification; further enhancement of our internal policies and procedures culminating in our aim of achieving ISO 27001; enhanced staff awareness and training; and working with our clients to ensure that they know and understand their responsibilities.
At HR Solutions we see this as a journey that we will be sharing with our clients, and we will continue to provide you with the support and guidance you need to ensure that you meet the GDPR.
To find out more about On-Site HR Support or any of our outsourced consultancy services please call us on 0844 324 5840 or contact us online.