Digital security policy to support the digital change of PHHYKY

Päijät-Häme Joint Authority for Health and Wellbeing, PHHYKY, is aiming to improve their productivity and customer service with digital services. The information security of solutions is a necessary prerequisite and an important enabler to utilize widescale digital services.

”We cannot develop digital solutions that increase productivity without taking into consideration the other side of the coin which is the security of the solutions and their usage,” says Antti-Olli Taipale, the security manager of PHHYKY.

To conduct digital security, we need a perspective that is wider than the previous information security policy, collecting together the previously separated issues of information security, data protection, and cyber security into an integrated whole.

To create this new policy a large number of the key figures of PHHYKY were interviewed. This gave us a comprehensive understanding of the issues that need to be taken into consideration when developing security solutions. The usability and understandability of the policy was assured by creating the policy in close cooperation with security consultants and the responsible people of the customer.

”We managed to combine the issues important in practical operation with the policy of digital security,” summarizes Taipale.

To compile the policy, the most important approaches directing the management and development of digital security were gathered. These approaches are, for example, taking security matters into consideration right at the beginning of the planning process, managing security based on risk evaluation, and systematic preparation for interferences and emergencies.

You can read the security policy of Päijät-Häme Joint Authority for Health and Wellbeing here. (in Finnish).