One of the largest communications companies in the Nordic countries – Geelmuyden Kiese – uses RISMAgdpr to map their processes and structure their GDPR work. This saves in-house work hours, minimizes the need for expensive legal consultancy and simplifies GDPR management in years to come.
When companies and organisations launch a new product or project, they need a clear-cut strategy, precise communication to the public and often contact with political decision makers. This is where Geelmuyden Kiese enters the picture.
Under the slogan “We move power”, the 160 employees in the largest partner-owned communications company in Scandinavia work across interests, industries, target groups and borders. But Geelmuyden Kiese faced a new challenge when the GDPR made it necessary to document working procedures and data processing.
“The GDPR is most likely outlined to work for a classically hierarchic company where management draws up executive guidelines, but that is not how it works for us. We have a flat hierarchy where our consultants are very close to the customers. Our counselling is tailored to our customers and the way they handle data, and this means that we have many ways to handle our data depending on how our customers work. So, in a nutshell, there is quite a large divergence between how the GDPR is chalked out to work, and how our company works”, says Markus Vickery, Nordic IT Manager of Geelmuyden Kiese.
Markus Vickery worked closely with the large Norwegian law firm Kvale all through 2017 to find a way to manage the GDPR project.
“At one stage, Kvale found out about RISMAgdpr and recommended that we took a look at it. Our CFO and I had the solution demonstrated to us, and we quickly intuited that this might work. With RISMAgdpr, we could systemize the work by following standardized questionnaires, build a structure for the company and import all our personal data processes. It was all very tangible”, says Markus Vickery.
“Broadly speaking – we got a grip on the process and saw results at the other end. This was exactly what we needed” he concludes.
Over the past months, Markus Vickery and four of his colleagues have used RISMAgdpr across the Nordic organisation to map and document the relevant processes. This has made the task of implementing the documentation requirements easier – and at the same time - has supplied Kvale’s legal consultants with quantifiable and structured information to work with.
“We supply material which Kvale’s lawyers can quickly and effectively run GAP analyses on and then give us feedback on how to make our procedures even better in order to be compliant”, says Markus Vickery.
“It costs time and money to become GDPR compliant. But seen in relation to how much time is saved in-house – time, which our consultants now can spend on customers – by working efficiently with the processes, then we do not see the cost of RISMAgdpr as large. The system has supplied us with good value and will continue to do so going forward, so it has been a very sensible choice for us”, he adds.
Good, positive and unanimous feedback on RISMAgdpr
According to Markus Vickery, Geelmuyden Kiese has taken large steps forward in their GDPR process. He also estimates that RISMAgdpr will facilitate complying with the many requirements of the GDPR in the years to come.
“Basically, we were working in many different ways to become compliant. Now we have a single way. It is also an advantage that the solution can structure recurring tasks going forward. Amongst other things, the system reminds us when it is time to revisit data processor agreements or carry out other recurring tasks that the GDPR imposes”, he says.
Read more about RISMAgdpr
Geelmuyden Kiese is the largest partner-owned communications company in Scandinavia with offices in Copenhagen, Oslo, Stockholm and Bergen. The company was founded in 1989 and has 160 employees today. www.gknordic.com