As part of our security strategy, we have safeguards in place which are appropriate to the assessed risk and comply with the requirements of the EU and international personal data protection law. We ensure security of our own information provided to our Clients as well as information entrusted to us, by the following actions:
- Ensuring integrity and confidentiality of processed data;
- Granting access to information to authorized persons only;
- Raising the awareness of our employees, co-workers, contractors an clients regarding the safe use of IT resources;
- Using only safe Information Technology;
- Guaranteeing access to information and ability to provide continuing services to our Clients by the implementation of a Business Continuity Management System;
- Ensuring compliance with the requirements of the law, internal regulations and contractual provisions.
Subsequent goals that we will be pursuing include:
- Implementation, certification and continual enhancement of the Information Security Management System based on PN-EN ISO/IEC 27001;
- Systematic improvement of qualifications and raising awareness of our employees;
- Raising the security level of information processed in our office by systematically monitoring the implemented safeguards and adverse events;
- Ensuring conformity with legal and contractual requirements;
- Constant monitoring of factors affecting information security.
Support in Implementing Information Security System
The Management Board of our Office provides full support in the implementation, maintenance and improvement of the information security system. Regular management reviews and internal audits are carried out in order to ensure the continuous improvement of the system.
The entire staff of our organization know and understand their role and the requirements of the system, with which they are acquainted. Internal and external training events are organized on a regular basis in order to boost qualifications in the area of security.