Indotronix partnered with a national recruiting firm to implement General Data Protection Regulation (GDPR) standards.

Background

This recruiting company came to Indotronix looking to implement General Data Protection Regulation standards. In order to remain compliant with those standards, HR management/recruiting software platforms that handle a candidate’s data must be governed by a data protection agreement that’s set up by a data controller. This is what Indotronix was asked to provide.

Challenges

The challenges fell around regulation and ensuring that the implemented measures were able to safeguard personal data. This included:

• Prioritizing data security
• Testing, evaluating, and maintaining data security
• Encrypting of candidate data
• Restoration of candidates’ data in case of an incident
• Demonstrating commitment to support the Data Controller in their compliance journey
• Ensuring external integrated applications were also GDPR compliant

Services Provided

We provided consultation on building controls for ongoing compliance, which included:

• A review of current data security & privacy processes
• Data privacy impact assessment
• Data privacy risk treatment
• Data inventory
• Logical &  physical security controls
• Documenting requirements, policies, & procedures