EPISODE 5: IT security and GDPR compliant protection of personal data

30 Apr 2018

Bisnode goes for 360° data encryption 

Article 32 of GDPR states that “the controller and the processor shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk.” Article 6 urges controllers and processors “to take into account the existence of appropriate safeguards, which may include encryption or pseudonymization.” 

Although GDPR merely recommends encryption, Bisnode has decided to apply it on all levels. In a first phase Bisnode only used encryption for data at rest. After 25 May 2018 Bisnode will make encryption obligatory for transfer data as well. Bisnode will consequently inform clients and source partners that they always need to deliver data in encrypted form 

Other Bisnode procedures to guarantee personal data security 


At Bisnode we have implemented full traceability of data flows throughout our organization. This means that we can monitor every data transaction: by whom it was sent, to whom, when, for which purpose... 

Bilateral IT security audits

Bisnode’s IT security is subject to audits performed on a regular basis by important clients from many sectors: retail, banking, media... In its turn, Bisnode frequently performs internal audits to constantly improve security excellence. This may be a simple check to prevent employees from sticking post-it notes with passwords to their PCs. But it also includes the development of new technologies to improve security processes. 

Security from A to Z

A strict care for security excellence is embedded in every Bisnode activity. Security is a top priority in every stage: during development, in testing environments, for quality control and throughout the production process. 

Security training and consultancy

Together with clients and source partners we assess which level of security consultancy or training is necessary. Depending on the existing know-how and procedures, we develop and fine-tune a proposal to optimize the security level. The procedures and conclusions are recorded in a legal contract. 

Restricting data sets

Bisnode always checks whether all transferred data are really useful or necessary. If not, we inform our clients and help them to reduce data sets to the essential minimum. 

Bisnode security code for employees

Respect for strict security guidelines is embedded in the Bisnode company culture. Bisnode employees are familiarized with this from their first day at work. They receive frequent trainings to upgrade their alertness and know-how. This enables them to meet new technology requirements and specific security needs of clients. 

How to respect the new GDPR rights of citizens?

That's the subject of episode 6 : how Bisnode adequately protects the individual’s rights concerning personal data.

Looks complicated? Glad to help you!

Looks complicated? Glad to help you!

Don’t worry: whenever in doubt about a GDPR data issue, do not hesitate to contact your Bisnode consultant. Getting GDPR ready? Been there! Done that! We’re ready to help and get you on your way.

Subscribe to our newsletter