The utility company, HOFOR, gained a better overview and created a sustainable GDPR process by consolidating all their GDPR management into one system.
When the GDPR came into force in May 2018, HOFOR chose a mix of solutions to help them meet the GDPR requirements. Each of the solutions helped with a number of GDPR commitments. However, it quickly became clear to the company that the setup was confusing and inefficient. Especially the lack of flexibility was getting frustrating for GDPR Coordinator, Diana Hierbæk.
The original setup that we had was not working at all. We had a mix of solutions that handled different parts of our GDPR commitment. However, it made it difficult to maintain an overview and gain insight into how far we were from being GDPR compliant.
It was, at the same time, difficult for us to link the different processes and risks together. That is extremely important to us because it is within the interaction between the various elements that the magic happens. We needed to create synergy rather than having work being done twice - and we did not get that with multiple solutions.”
HOFOR wanted to create a sustainable process that not only made the GDPR work more flexible, but also helped the company's employees understand and incorporate the GDPR work into their daily lives. Therefore, they embarked on a new journey to find a simpler setup for their GDPR management – and, in doing so, came across RISMA:
RISMA showed us that we did not have to compromise when it came to our needs. When working with the GDPR across different departments and levels, it is essential that the process is made simple to avoid confusion among those involved. RISMA helps with this by translating the legal requirements into practical tasks and procedures, making it more understandable to everyone.
At the same time, RISMA can help with data minimization so that those involved are not overwhelmed with a lot of information that is not relevant to them. It is efficient and just what we needed”.
According to Hierbæk, it has been the best decision to invest in RISMA's GDPR solution. In addition to making a difficult process more tangible, it has also given the GDPR Coordinator constant input on how to improve the GDPR work in the organization.
With RISMA's GDPR compliance solution, I can draw on both my own experiences, but also other organizations. RISMA constantly improves their solution with input and knowledge from all its customers. Thus, I get a GDPR solution based on many years of experience where everything is boiled down to a mixture of high legal knowledge and best practices.”
Although it can seem like an extensive investment and a big project to throw oneself into, Hierbæk has no doubt that it is worth all the resources. Because, even though it takes some time to systematize the entire GDPR process, you get it all back - and in many ways, it has given the GDPR coordinator a little more joy in her work.
RISMA has definitely made some of my tasks a little more fun. The work has become more efficient and it is easier to delegate specific tasks. At the same time, the dashboards of the solution ensure that I can constantly keep an eye on the progress and make sure it is being maintained in the various departments. This makes it so much easier to document the efforts and all in all, it gives me great satisfaction.
Thus, RISMA gives us great value. In the longer term, we will save time resources for everyone involved in the GDPR work - and thereby, also financial resources for the organization.”
Stay up to date with best practice, news and knowledge about governance, risk management and compliance and get exclusive invitation to events and webinars.Sign up now