In line with the decision-in-principle on the development of data security in the state administration, data security issues form an integral part of management, expertise, risk management, and administrative development. In principle, every organisation is responsible for data security within its own operations. At the government level, responsibility for data security steering and development lies with the Ministry of Finance. Hansel’s framework agreements take into consideration the government’s data security guidelines and requirements.
Key business-critical data security principles and requirements are set out in Hansel’s data security policy. Data security obligations apply to all Hansel employees. Hansel’s data security manager is responsible for providing data security related training and instructions, and for in-house communications.
At Hansel, data security means ensuring the confidentiality, integrity and accessibility of data. Data security is a reflection of sound business practices and part of Hansel’s risk management. Maintaining a level of data security that is appropriate and sufficient for Hansel’s business allows the use of modern and efficient business processes and methods. Hansel is committed to upholding the basic data security level of the state administration (Government decree on data security in state administration 681/2010). The audit conducted in 2012 showed that Hansel meets all of the basic requirements for data security within the state administration.