“Give it a go”
In the summer of 2017, Louise Heilskov was given the responsibility of implementing GDPR in LOGSTOR, a company in the energy sector with 1,200 employees in 12 countries. The first year, she visited each department, mapping the company's personal information in what she calls large, inactive Excel spreadsheets. Today, a clear overview exists, and she is dedicated to expanding the work with GDPR in the organisation.
When Louise Heilskov was hired at LOGSTOR, it was well-known that new EU-wide rules regarding personal information were soon to be established. However, That was most of what Louise knew of the subject at that time. Nevertheless, she was given the responsibility for the implementation of GDPR compliance at LOGSTOR. Now, when people in similar situations ask for advice, she says:
“Simultaneously, beginning a new job and a project within the company was the best decision I made. Do not make too much of a plan, because it will change anyway. Instead, you can seize the opportunity of getting to know your company, because you are going to interact with all departments. Remember that great things never come from staying in the comfort zone.”
Louise Heilskov definitely managed to expand her comfort zone. Following her deep dive within the GDPR legislation, she began touring all company departments to create an overview of personal information in LOGSTOR processes.
“When I took on the project, I started from scratch. Therefore, I decided to just get started somewhere. I physically walked around the departments with a form asking them to fill in: What personal data do you have, where do you store it, what do you use it for and why do you use it? This process took a year,” she says.
From inactive Excel sheets to automated processes
The work resulted in a giant Excel spreadsheet, Word documents with mapped records of processes and a lot of appointments in the calendar to remind herself of follow-ups and controls. It provided some overview, but she calls it "inactive," as it prevented the GDPR work from being smoothly implemented throughout the organisation. Louise was the only person who could handle the system, which was a significant obstacle for an effective adoption of GDPR compliance throughout the company.
“If I were hit by a bus, the risk of coworkers misunderstanding or not seeing the information from my self-developed, inactive documents would be high,” she bluntly says.
Thus began her search for systems that could give her a proper overview and ensure easy incorporation across the organisation. The goal was to create flexible and determined processes around the GDPR work.
“We looked at various systems. Some were too complex and therefore unmanageable. In a positive manner, Wired Relations is a simple system. It is easy for organisations to implement.”
- Louise Heilskov
Implementation within the organisation
The new method and structure around GDPR work in LOGSTOR will help Louise Heilskov involve the rest of the organisation in the work.
"Our next step is to delegate areas of responsibility within the various departments. This is now feasible, thanks to our new system. The goal is to make work with personal data and GDPR a natural part of the daily work across departments,” she says.
However, she is not finished working with GDPR, which today absorbs 20% of her work time. Currently she is taking a GDPR certification and will continue with strategic levels of working with personal data in the future.
She states that the task has positively impacted LOGSTOR. Various company processes have been streamlined, and employees have become more aware of handling personal information. Overall, it has led to a streamlining within the organisation.
“To begin with, it kickstarted a well-needed clean-up. We ordered a huge container where people threw out everything. It was filled within a split second,” she says.
Why did LOGSTOR choose Wired Relations?
- "It's a simple system that users can access easily."
- “We rid ourselves of my Excel sheets. Instead we now have a GDPR tool that is fully accessible to my colleagues. I am no longer the sole user of the system.”
- "We swapped the inactive documents with the ability to automate our processes."
- "We are able to pull out reports and documentation."
- “We have - knock on wood - never had an inquiry. But if we get it, then we can handle it.”
Group Structure: 16 legal entities
Logstor is an international company with 16 legal entities in 12 different countries. This is the reason behind Louise Heilskov’s choice of Group Structure from Wired Relations. It allows her to create an overview across the units while ensuring that personal data that flows between the various legal entities is also GDPR-compliant.
“We must keep track of our inter-company agreements. For example, I process a lot of data for Italy and Poland. We have 16 legal entities that work across country borders,” she says.
Good advice: Talk to others
"When you work alone, you risk missing certain things," Louise Heilskov states.
She is therefore grateful for early on participating in two ‘peer to peer’ networks on GDPR, one part of the Confederation of Danish Industry and the second consisting of participants from companies in Jutland.
“Many impractical questions surface along the way. How do you clean up the mailbox? Which e-learning have you used?,” as she explains.
Background information
Industry
Energy Sector Solutions
No. of employees
1.200+
Challenge
From inactive documents to automated processes
Location
12 countries
