EOC SHEEP MARINE INSURANCE

EOC is a mutual insurer with a rich history - on us you can sail. they watch over safe navigation every day for boaters from professional and pleasure craft.

Improven was invited by EOC to discuss the impact and risks related to privacy laws and regulations, in particular the Data Breach Act, which had just come into force at the time. EOC wants to understand the risks and mitigating measures in the short term. Subsequently, the most important measures should be implemented.

EOC is compliant on key aspects of the WBP and the Data Breach Act within a relatively short time. This has raised (IT) security to a higher level.

Our approach

Based on the 'Improven Approach to Privacy Audits' based on 2 streams, Improven first conducted an audit from the files to the actual registered and person-related data. Afterwards, the audit was assessed against the WBP and further reduced during a Purpose Restriction Workshop to those data that may be stored with purpose restrictions. Owners were assigned and recorded as well as the duration of registration.

In the 2nd stream, we assessed (IT) security and procedures. The results were reconciled in a workshop where the findings were prioritised and translated into concrete actions.

 

Result

All outcomes were recorded in a report with a concrete plan of action with prioritised actions (who, when, what, when). Partly based on the outcomes of the Purpose Binding Workshop, EOC's privacy regulations were adapted. Also, together with the client, Improven developed and implemented the data breach procedure. Finally, we supported EOC in setting up and concluding the processing agreements

The result of our assignment is that, within a relatively short time, EOC is compliant in key aspects of the WBP and Data Breach Act and its (IT) security has been raised to a higher level.

Organizational Fitness Risk IT RISK Compliance

Want to know more about this topic? Please contact

+31 6 53 78 56 57 Louis de Koning