Skip to main content Skip to search

Compliance

Compliance

GDPR

Approved and adopted by the EU Parliament in April 2016, the GDPR (General Data Protection Regulation) is set to come into effect in May 2018 and is expected to have a dramatic effect on the way organizations and companies are handling the personal information of their customers and employees. The GDPR applies to all organizations processing and holding the personal data of EU citizens and residents, regardless of the organization’s location (within or outside the European Union).

At the heart of the GDPR stands the principle according to which the individuals’ personal information (private, professional or public) is their own property and not the companies’ assets, which translates into the individuals gaining control over their personal data.

The GDPR includes a set of rules that clearly define the collection, storage and use of the individuals’ personal data, which is defined by the European Commission as “anything from a name, a home address, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer’s IP address”. These rules profoundly affect the information systems used by companies for employees’ and customers’ data management.

Some key requirements:

  • Organizations cannot use personal data without clear consent
  • The data must be used solely for the purpose it was collected for
  • Data must be portable via open and popular file formats
  • Individuals have the right to request their data to be erased and no longer disseminated
  • Organizations of all sizes must appoint data protection officers, whose purpose is to monitor internal compliance with this Regulation

MIND, as a technology company, is treating data management as a highly critical issue and therefore takes steps towards providing its customers and employees with a secure environment. In preparation for GDPR compliance we are working on several key areas, among which:

  • Employees information – we have adopted internal rules to protect our employees’ personal data
  • Development – all development processes follow strictly defined workflows, according to ISO standards
  • MIND’s products – our products rely on encrypted information stored in the DB where needed
  • Maintenance and support – our system ensures secure remote connection to our customers’ databases for maintenance and support purposes

ISO Certification

MIND holds ISO certifications for establishing, implementing, maintaining and continually improving its Quality Management System as well as the Information Security Management System. We have chosen to implement the ISO 9001:2008 and ISO 27001:2013 standards in order to benefit from the best practice they contain, while the certifications we obtained contribute to reassuring our customers that the standards are followed closely.

TM Forum

MIND is a member of the TM Forum and works along the standards set forth by this organization. MIND has undergone a Conformance Assessment of its product and has received the Frameworx 15.0 Certified Product Conformance Mark in 2016.