Handling of deviations in Simployer

Rules for reporting

The regulation proposes to report multiple security breaches or events about privacy.

• Data Processors shall, without undue delay, notify the controller in case of violation of personal data.
• The controller has a 72-hour period from the notice of a deviation to evaluate and possibly report to the Data Inspectorate. Deviation handling shall be documented and there are requirements for what a non-conformance report to the Data Inspectorate shall contain.
• The registered (who is affected) may also require notification (in understandable language), depending on the risk the breach represents for the freedoms and rights of the registered.

How to report deviations to Simployer?

Simployer's customer center is manned in all business hours. The customer shall, in accordance with the current DPA report breach of security in the applications as soon as this is known to the Customer. Notification should preferably be sent to the customer center in writing through Support:

Support Center Norway
Support Center Sweden

Simployer's handling of deviations

Simployer shall provide satisfactory information security with regard to:

• confidentiality, ie the information is not available to persons who do not have legal access to the information,
• integrity, ie the information is not changed in an unauthorized or unintentional way
• availability, ie the information is available and operative for legitimate and authorized use

Simployer has a quality system to prevent vulnerabilities, and a separate deviation management system to handle reported deviations. The quality system is audited regularly and has defined procedures for how Simployer will respond to deviations of different criticalities.

Notification of the customer

If Simployer reveals a breach of personal information security, Simployer is obliged, without undue delay, to notify the customer of the deviation according to agreed upon routines. The customer must comply with his own warning obligations.

System Status

Simployer operates a service that shows the status of all systems at any given time. Users can subscribe to notifications in different channels from the status service. Read more...