A consultancy project for an international semiconductor business to meet the requirements of the General Data Protection Regulation (GDPR) has followed an electronic security installation by the Buckinghamshire-based installer Evolution.
Renesas Electronics Europe Limited has been a client of Evolution for several years, and in 2017 the installer completed an upgrade to the company’s CCTV and access control at its offices in Bourne End, pictured. With the coming of GDPR in May 2018, Renesas’ Facilities Manager, Julie Blake, sought to review the site security policies and procedures to ensure they were compliant. She contacted Evolution’s dedicated Risk & Design team.
Julie recalls: “Like many organisations we were receiving plenty of advice around GDPR, and a recommendation that we consulted with our security partners. I was introduced to Evolution’s Risk & Design team, and they explained, in a very straightforward manner, what was required. The team then produced a comprehensive set of reports and documents in a timely fashion to meet all our management requirements. They also explained that annual assessments of the CCTV system are now required so we look forward to continuing to work with the Evolution team in the future.”
Evolution says that it took a holistic view of the project and security risk, explaining how its approach would support Julie in meeting Governance, Risk Management and Compliance (GRC) requirements regarding security systems. A CCTV assessment and CCTV privacy impact assessment, were tools to help the client create the necessary system policies and procedures to meet its legal obligations. This includes besides GDPR the latest employment law and the Freedom of Information Act.
Evolution Head of Risk & Design, Brendan McGarrity added: “With an ever changing and increasing need for organisations to consider GRC requirements, it is my belief that Risk & Design services can provide clients with a comprehensive framework to improve building and asset security. It is our role to support the client in meeting its GRC requirements for security by providing the necessary documented professional services.”
