Payment Services

Privacy and IT-Security Implementation

Fiserv (ex. First Data), is a global provider of financial services technology. The company’s clients include banks, thrifts, credit unions, securities broker dealers, leasing and finance companies, and retailers. In October 2015. Fiserv has been named as 2020 Fortune World’s Most Admired Companies, the seventh consecutive year it has earned this recognition and 10 times in the last 12 years.

As a financial services provider, Fiserv is monitored by BaFin.

Project

Roderich Pilars has been mandated as Local data protection officer (dpo), project manager, consultant and negotiator for the global compliance policies, particularly for the implementation of GDPR and ISO 27001 requirements in Germany.

-Representation of the company towards data subjects (mostly plaintiffs), customers (mostly banks), suppliers (mostly data centres) and the Data Protection Authorities in Germany.

-Privacy training in Germany, UK and USA Implementation of operational and technical measures

At the same time, the operational and technical processes and their documentation had to be adapted to the GDPR. The adjustments were carried out in cooperation with a multinational compliance team from the USA and Great Britain. The scope of services also included internal training for data protection and information security in Germany and Great Britain.

Negotiations with the German Works counsel were also part of my role.

Project Methods and Tools

Audits, Workshops, Gap-Analysis, Business Analysis, Access Management (IAM), ISO 27001, GDPR, ISMS, Demand Management

Results

“Geprüfter Datenschutz” (GDPR) and ISO 27001 certification (TÜV Rheinland)

International compliance implementation for India, Netherlands, Germany, Great Britain, Poland.
The work was monitored by the German finance authorities  “BaFin” and audited by Ernst & Young