EasyTranslate is a Danish company that connects customers and linguists. Every day, they translate more than 400 documents into English, German, Swedish, Dutch, French and countless other languages.
“The documents we translate may contain anything. It can be website texts, birth certificates or employment contracts. Sensitive information is limited, but there are cases, which makes it a bit complicated,” says Sabrina Eisele, corporate developer at EasyTranslate.
ISAE 3000 and automation
In the fall of 2019, EasyTranslate, like many other data processors, had an auditor conduct an audit of the company's GDPR and information security, earning EasyTranslate an ISAE 3000. Easy Translate was in complete control over information security and the handling of personal information. However, there were also some inefficient, manual processes left.
Therefore, the auditor's statement led to a number of new initiatives leading EasyTranslate to a more streamlined compliance process. This meant that the company said goodbye to their external GDPR adviser and instead took over full ownership of the work with personal information and information security.
“My role is to improve our level of compliance and information security. It is essential that we continue to develop this area while improving the technical set-up and our processes,” says Sabrina Eisele.
Many EasyTranslate customers place great emphasis on the fact that the security surrounding their documents is best-in-class.
Ensuring a solid structure around GDPR work is therefore essential for EasyTranslate to avoid errors. Sabrina Eisele has developed a foundation making compliance work far less administrative. Wired Relations has helped the company automate these processes.
Towards ISO 27001
Streamlining the processes has allowed for further development within information security. EasyTranslate has been working towards an ISO 27001 certification. The ISO standard is a management tool helping companies protect valuable information, including personal information, in a secure and credible way.
“The work with ISO 27001 is extensive. We improve our information security, operations, communication, etc. while ensuring that the process does not become an administrative burden,” she says.
What is ISAE 3000?
An ISAE 3000 is issued by an auditor. He states that a data processor complies with the requirements (concerning GDPR) within the Data Processing Agreements (DPA) that the data processor has entered into.
What is ISO 27001?
ISO 27001 is an international management standard for information security. The standard is a management tool that helps companies protect valuable information - including personal data - in a secure and credible way. ISO 27001 sets out, among other things, requirements for risk management, documentation of processes and the distribution of roles and responsibilities for information security.
If you wish to see how Wired Relations integrates the ISO standards into the GDPR work, then you can request a demonstration here.
EasyTranslate works with data minimisation
EasyTranslate and Sabrina Eisele constantly try to minimise the sensitive data in the translation documents. They, therefore, work hard making companies aware that a good precaution - whenever possible - is to remove sensitive information from the documents. Sabrina Eisele gives an example:
“An employment contract that needs to be translated from Danish to English is a good example. We do not need to know who is being hired. Therefore, we ask the company to remove the name, social security number and such information,” she says.
However, this may not always be possible. In certain situations, such as when translating official documents, it is important that the translator knows she is working on the original document.
See more about EasyTranslate here: www.easytranslate.com.
Why did EasyTranslate choose Wired Relations?
- "We wished to streamline compliance work so that we could handle it internally, and Wired Relations was able to assist."
- “You grow with the system. The process allowed me to take over the project rather than using an external consultant.”
- "We can turn much of our compliance into a self-driven system."
- "We want to build our ISO27001 certification in Wired Relations."