According to police estimates, the number of cyber-crimes in Finland is growing, and cyber-attacks on companies are expected to continue. In fact, the government administration and globally operating companies may face a growing variety of data security breaches.
In line with the decision-in-principle on the development of data security in the state administration, data security issues form an integral part of management, expertise, risk management, and administrative development. In principle, every organisation is responsible for data security within its own operations.
At government administration level, responsibility for data security steering and development lies with the Ministry of Finance. Hansel’s framework agreements take into consideration the government’s data security guidelines and requirements.
Hansel also participates in government data security improvement projects and builds models that incorporate data security into the tendering process for framework agreements. Framework agreements offer customers an opportunity to specify their own, unique data security requirements.
Data security aspects are taken into account in all of Hansel’s operations and procurement solutions. Security is a key consideration for systems, tools, practices and procedures. It is a reflection of sound business practices and part of Hansel’s risk management.
Basis for data security policy
Key business-critical data security principles and requirements are set out in Hansel’s data security policy. Data security obligations apply to all Hansel employees. Hansel’s data security manager is responsible for providing data security related training and instructions, and for in-house communications.
At Hansel, data security means ensuring the confidentiality, integrity and accessibility of data. Data security is a reflection of sound business practices and part of Hansel’s risk management.
Maintaining a level of data security that is appropriate and sufficient for Hansel’s business allows the use of modern and efficient business processes and methods.
Hansel is committed to upholding the basic data security level specified for government administration. The audit conducted in 2012 showed that Hansel meets all of the basic requirements for data security within the state administration.
Tendering processes are required to meet the basic, increased or high level specified in the instructions issued by the Government Information Security Management Board (VAHTI). Furthermore, customers may contribute to the data security level of the services provided.