Contact person
Raul Carlsson
Senior researcher
Increased digitization of organizations and private life means that an increasing amount of data about individuals is stored in more computer systems. This introduces risks, not least in times of rapid development of artificial intelligence. Data enters both from individuals interacting with various data systems and as parts of different organizations.
This service helps you get a better grasp of how your organization can achieve personal information privacy. There is much support for keeping track of all the requirements regarding personal information management, but we notice a lack of support for ensuring not only that the requirements are met, but also that IT systems, the organization and their promises to customers are really fulfilled.
The method we use is based on a practical structuring of an international standard* for consumer protection. The structure is developed to carry out an external audit of an information management service or product, such as a customer interface or an app in a smartwatch.
*ISO 31700-1:2023 - Consumer protection — Privacy by design for consumer goods and services — Part 1: High-level requirements
ISO/TR 31700-2:2023 - Consumer protection — Privacy by design for consumer goods and services — Part 2: Use cases
The customer gets an overview of the strengths and weaknesses of the system where personal data is handled, in terms of awareness and competence from management to personnel who deal with data and software, and also hardware.
The customer also receives a template based on the requirements of the standard ISO 31700-1, in order to be able to carry out an internal review of their system themselves, as well as a list of proposals for each piece of verifying documentation, if the customer does not already have such documentation.