ISO 27001

W odpowiedzi na nowe rozporządzenie RODO
jesteśmy dumni iż po upływie pół rocznych starań, otrzymaliśmy certyfikat bezpieczeństwa danych ISO27001

Certificate Nr. NC-2897

Uzyskany przez naszą firmę certyfikat, wskazuje że poważnie podchodzimy do bezpieczeństwa i ochrony danych
wrażliwych poufnych ale także Publicznych Wprowadzenie normy ISO 27001 zobowiązuje nas do wdrożenia następujących zasad:
– Polityka bezpieczeństwa danych
– Polityka fizycznego dostępu do pomieszczeń i zasobów Kontrola oprogramowania
– polityka Kryptograficzna
– polityka Polityka monitorowania systemu
– Polityka postępowania ze sprzętem i nośnikami danych
– Polityka oceny ryzyka
– Polityka tworzenia kopii zapasowych Biznes
– polityka zarządzania ciągłością Polityka zarządzania incydentami

ISO 27001 is the only international standard that is fully compliant with legal requirements in the scope of information protection and personal data security. There are currently around 200 legal acts in Poland regarding information protection. It should be mentioned that in order to ensure the security of the company’s information, the office and health care facility, they are required by the Act on personal data protection, combating unfair competition, protection of classified information, protection of persons and property, accounting, access to public information, copyright and related rights, protection of databases, provision of services by electronic means. In contrast, a comprehensive, best-functioning responding model All legal requirements are to implement and maintain the ISO 27001 information security management system. This standard defines the requirements for establishing, implementing, improving and reviewing the information security system.

By implementing it, we guarantee consumers comprehensive protection of personal data in the field of ICT, physical and organizational – legal. During the introduction of the regulation GDPR in the structure of DRB Polonia, we rely on such proven methods as: – audit related to the implementation of the GDPR to business and IT processes – risk analysis in the processing of personal data – adaptation of processes and the IT environment – adjustment of documentation – training for employees. Thus, we know that in the future we will not have problems with monitoring consumer personal data, as well as with cooperation with the new Data Protection Authority.

We are implementing a revolution in the approach to the protection of personal data. We are moving away from the restorative application of the law to engage in building our own personal data protection system, directly under the profile of our company. The implementation of the rights of natural persons is a priority for DRB Research.

We want DRB Research to enjoy the reputation of a company that cares about privacy. We are convinced that only a well-thought-out system of personal data protection allows to maintain a consistent image of the company.