Case: Geelmuyden Kiese
Simplifying GDPR management for years to come.
Under the slogan “We move power”, the 160 employees in the largest partner-owned communications company in Scandinavia work across interests, industries, target groups and borders. Geelmuyden Kiese faced a new challenge when GDPR made it necessary to document working procedures and data processing.
“We have a flat hierarchy where our consultants are very close to the customers. Our counselling is tailored to our customers and the way they handle data, and this means that we have many ways to handle our data depending on how our customers work. So, in a nutshell, there is quite a large divergence between how the GDPR is chalked out to work, and how our company works”, says Markus Vickery, Nordic IT Manager of Geelmuyden Kiese.
All the different processes Geelmuyden Kiese was using, created a huge challenge for them. What they needed was to get a grip over their situation.
Markus Vickery worked closely with the large Norwegian law firm Kvale all through 2017 to find a way to manage the GDPR project.
At one stage, Kvale found out about RISMA's GDPR solution and recommended that they took a look at it.
“Our CFO and I had the solution demonstrated to us, and we quickly intuited that this might work. With RISMA's GDPR solution, we could systemize the work by following standardized questionnaires, build a structure for the company and import all our personal data processes. It was all very tangible”, says Markus Vickery.
We ended up helping them with their GDPR conundrum and using our GDPR solution they mapped their processes and structured their GDPR work. This saved many in-house work-hours, minimized the need for expensive legal consultancy and simplified GDPR management in years to come.
“Broadly speaking – we got a grip on the process and saw results at the other end. This was exactly what we needed” Markus concludes.
Quantifiable and structured information for the legal team
Markus Vickery and his colleagues have now used our GDPR solution across the Nordic organisation to map and document the relevant processes. This has made the task of implementing the documentation requirements easier – and at the same time - has supplied Kvale’s legal consultants with quantifiable and structured information to work with.
“We supply material which Kvale’s lawyers can quickly and effectively run gap analysis on and then give us feedback on how to make our procedures even better in order to be compliant”, says Markus Vickery.
“It costs time and money to become GDPR compliant. But seen in relation to how much time is saved in-house – time, which our consultants now can spend on customers – by working efficiently with the processes, then we do not see the cost of RISMA's GDPR solution as large. The system has supplied us with good value and will continue to do so going forward, so it has been a very sensible choice for us”, he adds.
Geelmuyden Kiese has taken large steps forward in their GDPR process. He also estimates that RISMA's GDPR solution will facilitate complying with the many requirements of the GDPR in the years to come.
“Basically, we were working in many different ways to become compliant. Now we have a single way. It is also an advantage that the solution can structure recurring tasks going forward. Amongst other things, the system reminds us when it is time to revisit data processor agreements or carry out other recurring tasks that the GDPR imposes”, he says.