Organisations can no longer avoid getting their personal data processing sorted. Anyone who does not have everything in place for processing personal data by May 2018 runs the risk of paying fines running into millions of Swedish krona.

Johan Malmborg – Head of Information Security, Softronic AB

Do you meet the requirements in GDPR?

GDPR is a major change in law in the EU that has been effected to secure the way organisations handle personal data. This law covers the whole of the EU and comes into force as a local law from May 2018. The penalty is up to a maximum of 4% of the organisation’s balance sheet total or EUR 20 million per infraction. If you want to check how you comply with GDPR, this service is cost-effective and simple to use. It provides a concrete picture of weaknesses, suitable actions and the areas that you need to develop.

Softronic Assessment Model – GDPR

SAM-GDPR is a standardised model, developed by Softronic to examine and analyse an organisation’s ability to comply with the requirements in the GDPR (General Data Protection Regulation) or the Swedish Data Protection Ordinance. The model supports the customer by showing the areas where the customer meets and does not meet the requirements. The results are reported as a description of areas that have been met/not met and the relevant action that needs to be taken. Do you have control of your information assets and do you have an active management process to check adherence to laws and regulations? Do you know where the stored information is and who has access to it? How do you handle the right to be forgotten? If you want to find out how well your organisation complies with GDPR, we are happy to help!

Other services in information security

Softronic is certified in accordance with ISO-27001 and works with information security and IT security for a number of large and medium-sized organisations. We also deliver a number of other specific services in this area, for example:

  • General advice in the area of information security, where we provide support and act as a sounding board
  • The introduction of a management system for managing information security
  • Establishing the information security function and connected processes. We can deliver this as a service or help you build up this function by yourself

Contact us if you would like to know more!