Audit into confidential data in Floriday completed08 July 2021
As a platform, Floriday offers a secure environment for the confidential data of growers and buyers. That is the conclusion of an independent audit that Royal FloraHolland had conducted at the request of the recently established Data Committee. The audit focused, among other things, on data security for confidential contract information, standing orders and sticker data.
Royal FloraHolland wants both growers' and buyers' data on Floriday to be handled ethically. An information policy has been drawn up and communicated for this. Growers and buyers do business with each other in various ways in the market. Forward supply, contract trade, requests for quotes and seasonal offers are examples of this. Functions in Floriday make it possible to record these various ways of doing business. Examples include contract information between grower and buyer and agreements on prices, quantities, labels and stickers, as well as other terms and conditions. It is essential that growers and buyers can be confident that Royal FloraHolland will handle data, which is recorded in Floriday, confidentially. That was the reason for testing this on the basis of an independent audit.
Audit: taken measures are effective
André van der Linden, CIO Royal FloraHolland: "We regularly carry out IT audits and assessments into, among other things, robustness and data security. During this research into data security, the auditors set to work very thoroughly by conducting interviews, testing and carrying out spot checks. It is reassuring to have it confirmed that the measures taken by Royal FloraHolland are effective. Confidential (price) agreements between growers and buyers in Floriday are indeed confidential and the ethical handling of data in Floriday is guaranteed. In addition, the audit report contains a number of recommendations that we will take on board in order to further improve Floriday."
Security of confidential information is guaranteed
The audit was conducted by an independent party and completed on 9 June 2021. The audit looked at strictly confidential data. This is understood to mean the information to which only the relevant growers and buyers should have access, such as contract information and price agreements. The conclusion of the audit is that the measures that Royal FloraHolland has taken are effective in enabling us to guarantee the users of the platform that their information is handled in a confidential manner. It was established that strictly confidential data is not shared outside the platform. It was also established that the select group of Royal FloraHolland employees, who do have access to this data, can only inspect this by virtue of their position. One example of this is Floriday support employees, as they must be able to support users if they need help.
The Data Committee monitors compliance with the data and
At the end of 2020, a Data Committee was established to discuss and evaluate the implementation of Royal FloraHolland's data and information policy. The committee consists of growers, buyers and representatives of Royal FloraHolland, in addition to an external independent expert in the field of data.
Prof. Erik Beulen, professor at Tilburg University and member of the Data Committee: "This external research provides a good foundation and builds trust. Floriday offers many opportunities as a digital platform; the Data Committee will have to continue working proactively on safeguarding the confidentiality of data in Floriday together with Royal FloraHolland."
Next autumn, we will tell you more about the theme of data security at Royal FloraHolland and the role of the Data Committee in this. You can read the previously published news item about the information and data policy of Royal FloraHolland here.