Case: Brøndby Kommune

Our Citizens’ Sense of Security is our main Concern

The Danish municipality of Brøndby saves time and resources by working systematically with the preparations for the upcoming GDPR – and expect to be ready in due time.

“We take the handling of personal data very seriously, and, of course, we must also comply with the new regulations. Not because we are afraid of incidents, but because our citizens must feel secure with us”, says Marianne Bo Krowicki, information security coordinator and soon-to-be DPO in Brøndby Municipality.

Like all other public and private organisations, the municipality must relate to the upcoming personal data rules – or the General Data Protection Regulation (GDPR). The regulation becomes effective as of May 2018 and sets up a series of new criteria for the treatment of personal data.

Danish Developed Tool Systemises the GDPR Effort

From the outset, Brøndby Municipality chose to rely on a spreadsheet to manage the GDPR effort. But it quickly became clear that – in Marianne Bo Krowickis words – “it was very confusing and rather inefficient”.

So instead, the municipality launched a process where the Danish developed tool, RISMAgdpr, is used to identify areas in which personal data is managed, to systemise data handling and even to document the work in accordance with the new regulation.

“The tool is easy to use for the employees even after just one workshop, and the work is progressing surprisingly fast. We are almost done with the Personnel Department, after which we will continue with the Social and Health Administration in February, then comes the Child, Culture and Sports Administration, the Technical Administration and finally our own Central Administration. This means we will be ready in due time before the new GDPR becomes effective as of May 25th, Marianne Bo Krowicki states.

Complete Overview of Data and Security

Once the work is completed, the Administration will have a complete overview of where sensitive personal data is handled and which safety measures they are surrounded by.

“We are working through everything and, at the same time, we are checking whether personal data is kept for instance on file drives or other places where they should absolutely not be stored. The Administration themselves get to work hands on with the substance, get things sorted out and become aware of whether or not they are doing things right. This can, for instance, mean whether all data processor agreements are in place, who information is exchanged with, and other practical and formal circumstances which one might otherwise not think much about on a daily basis. We get our definitions honed and work through everything. It is most reassuring”, says Marianne Bo Krowicki.

We are Certain that all Legal Aspects are in Place

She originally became aware of RISMAgdpr during a course run by legal company Plesner and decided to give it a try.

“I have great respect for Plesner, and they were deeply involved in developing the tool, so this was in fact our guarantee that all the legal aspects were in place. Thus, if we were to take our starting point here, we would become compliant and avoid surprises to as great an extent as possible”, Marianne Bo Krowicki says.

But even though Brøndby Municipality is taking a thorough approach to the GDPR work, she does not think they are going too far.

“Of course, this tool is not free, but the price seems very fair. Especially because it aids us in saving time and quite a lot of resources by systemising the effort and getting things done right the first time around.”

Read more about RISMAgdpr

Brøndby is a central capital municipality with more than 35.000 inhabitants living in the three districts of Brøndbyøster, Brøndbyvester and Brøndby Strand.

Yes please, I would like to know more

Invalid Input
Invalid Input
Invalid Input
Invalid Input
Invalid Input

Sign Up for the Newsletter

Invalid Input
Invalid Input

RISMA Systems A/S uses its own cookies and cookies from third parties to remember your settings, traffic metrics and to present you with targeted adverts. By continuing your browsing of this website, you consent to this use of cookies. If you do not want to accept the use of cookies, you will have to leave the website or block cookies in your browser. You may always withdraw your consent by blocking the use of cookies in your browser. Further information regarding the use of cookies, including how to block and delete cookies, can be found here, where you are also able to read more about our policy for processing of personal data.