ProData Consult Group obtains ISAE 3000 GDPR Assurance Report
We are proud to announce that we have achieved the ISAE 3000 GDPR Assurance Report that confirms our compliance with the European legislative standards for the processing of personal data. Essentially this is proof that we comply with and adhere to the provisions of the General Data Protection Regulation (EU).
The handling of personal data is a natural part of any business and consulting firm. It is a vital task, and at ProData Consult the securing of client and consultant data remains a task of the highest priority.
“We have received an external validation of our compliance with the law. It is as close as we get to a real GDPR certification”, says Claus Flinck, CIO at ProData Consult.
Securing personal data is an integral part of ProData Consult’s processes. For more than 20 years, ProData Consult has focused on the proper and safe handling of all data flowing within the company. It is an essential condition that must be in place before any business activity.
“We have a considerable focus on the responsible processing of personal data. We ensure the rights of the data subject and have made security an integrated part of our processes. For instance, since 2007 we have had privacy conditions and consent forms on our website, so that all data received from consultants only is processed within the agreed upon and very narrow purposes, such as the provision of a job assignment”, Claus Flinck explains.
ISAE 3000 is an international standard for assurance over non-financial information and is based on the European General Data Protection Regulation Act.
The law applies to any form of personal data processing, including: collection, registration, classification, storage, use, disclosure, coordination and deletion of data.
Companies are audited against the provisions of the General Data Protection Regulation. More specifically, a thorough inspection is performed of the company’s controls. The following methods are applied: interviews of selected personnel at the company regarding controls, observation of how controls are performed, review and evaluation of policies, procedures and documentation concerning the performance of controls and finally, a retesting of procedures to verify that the control is working as assumed.