Information security and data protection

Information Security and Data Protection | HR Solutions

Robust systems and procedures to protect client data

As a business, HR Solutions takes data security very seriously, and we already have robust systems and procedures in place to protect client data. In 2017, we embarked on a detailed review of our overall security arrangements, both physically and digitally. This has resulted in a few enhancements to our operating procedures and access to our offices. We shall ensure that our IT infrastructure continues to evolve as the cyber threat landscape changes.

Information Security isn’t simply a case of having policies and procedures in place. To demonstrate our commitment we have actively enhanced our IT infrastructure and staff training. HR Solutions are certified for ISO27001 Information Security and Cyber Essentials.

General Data Protection Regulation (GDPR)

Our commitment to GDPR is demonstrated in the hardening of our IT Infrastructure and achieving Cyber Essentials certification in July 2017.  Further enhancement of our internal policies and procedures successfully culminated in our achievement of ISO 27001 certification in March 2018; enhanced staff awareness and training; and working with our clients to ensure that they know and understand their responsibilities. Our privacy policy and cookie policy detail how we handle your information. In our full terms of business, we also outline our approach in relation to Data Protection for our clients. HR Solutions is committed to the aims of the GDPR, and we believe already complies with the Data Protection Act and the principles of the GDPR.

Cyber Essentials

As part of the detailed review of our data security, we decided to go for Cyber Essentials to benchmark what we have been doing with a view that we would hopefully also become Cyber Essentials certified. We are pleased to be able to tell you, that HR Solutions successfully achieved Cyber Essentials certification on 3rd July 2017.

Staff Training and Awareness

In addition to achieving Cyber Essentials, and partly due to the changing landscape in relation to Cyber Attacks, we have enhanced our staff training and awareness in relation to Phishing, Malware and Social Engineering, as well as Physical Security and processing of personal data. This is an ongoing programme that continually educates our staff, through a series of online training and workshop based events.

ISO 27001 – Information Security

We already have strong processes and procedures in place, and earlier in 2018 we started down a path to achieve ISO 27001 (Information Security). In part, this is for us to be able to be recognised for the processes we already have in place, but also to be able to provide reassurance to our clients. On 29th March 2018, HR Solutions, at the first attempt, achieved ISO 27001 certification of approved information security management systems, for the administration of providing HR Solutions to our customers, including all functions based at and operating from our offices in Kettering, Birmingham, Milton Keynes and London.

To find out more:  read our Information Security and Data Protection brochure.

 

Interested in what we do?

Get the latest news from HR Solutions delivered to your inbox