INFORMATION SECURITY

Protecting Data. Ensuring Compliance.

The Payroll Department holds the most sensitive data in any organization and ensuring the safety, protection and confidentiality of this information is a non-negotiable requirement.

With changes in data legislation such as GDPR , ensuring compliance is a moving feat. At Immedis, we have built our technology platform and service delivery processes with data protection at the heart of everything we do.

ISO 27001 Certification

Immedis is ISO 27001 certified, which means we ensure your information is secure and remains confidential at all times, whether at rest or in transit.

Recognized as the international standard for Information Security Management, the ISO 27001 certification provides clients with proof of our clear commitment to Information Security Management Systems (ISMS) and active management of data security through:

  • Protection of sensitive and confidential information using encryption and pseudonymization at every level
  • Proactive and ongoing assessment of risks and exposure – internally and externally
  • Adopting processes that ensure controls remain compliant and continue to meet information security needs
  • Embedding data security into our organization’s culture, and providing ongoing training and support
  • Independent auditing of the ISMS systems to ensure ongoing adherence to ISO 27001 criteria

GDPR Compliance

The General Data Protection Regulation is a legal requirement from the 25th of May 2018 which recognizes the value and importance of data security.

Although ISO 27001 and the GDPR require different levels of criteria in order to meet their compliance standards, many of the information security regimes remain consistent.

  • With the GDPR, data controllers and processors must implement appropriate measures to ensure ongoing levels of security and protection of information in the organization
  • Ongoing confidentiality, integrity and availability of information
  • Measuring and managing risks, threats and vulnerabilities to the organization’s data and adopting measures to combat same
  • Implementing processes and procedures to manage data security across all levels.

While having an ISO 27001 certification does not automatically ensure GDPR compliance, the ISMS provides the appropriate framework and management structures to meeting many of the GDPR requirements.

Compliance at Immedis

At Immedis, we ensure compliance at all levels by implementing both GDPR and the ISO 27001 information security measures across:

  • Our People
  • Our Processes
  • Our Technology

At the core of our business culture, is understanding the importance of the protection of information and adhering to security measures. Regular training, supported and lead by all employees, is a mandatory ongoing requirement at Immedis.

Our payroll processes ensure risks are monitored, identified and managed effectively while ensuring ineffective procedures are regularly adapted and improved.

iConnect, our Global Payroll Platform has been purpose built with the ISO 27001 and GDPR framework in mind, encompassing encryption and pseudonymization up and down the information streams – applying to both data at rest and in transit.

To discuss how Immedis can help protect your payroll data – contact us now and speak to a member of our team.