CLIENT
TESTIMONIAL

1- Could you briefly introduce yourself: your company, your position, your responsibilities?

 

"My name is Frédérique Guede, I am responsible for the organisation of the PST38 occupational health service. Until recently, I had the responsibility of DPO, in connection with a lawyer, to whom I could ask my questions and who could make recommendations on the subject. 

I have been working at PST38 (previously MT2i) since 2019, and I wear several hats : organisational responsibility, but also responsibility for medical assistants, technicians and occupational risk prevention engineers (IPRP), and in this sense I am required to ensure that sensitive data is kept confidential and protected.

 

These different roles enable me to disseminate information and instructions to all staff in a very general way, but also in a more targeted manner. In fact, my job means that I am in contact with around 40 people (out of 100) at MT2i (now PST38), which gives me a more direct relationship with a good proportion of the people in place within the organisation."

 

​​

​​​

2- For what type of need did you call upon CyberSecura? What was the trigger?

 

"The need was for the security of our computer networks and data in the IT sense. It was our IT manager, Gérald Fournier, who saw the interest in calling on CyberSecura for the IT part, and then when he met David Rozier, the latter explained to him that he also had this role of DPO.

 

I myself had a lot of difficulty with this role, because when you are not competent and have not been trained for it, it is impossible to understand all the ins and outs, all the day-to-day practices that may be contrary to GDPR compliance. We often think we are doing the right thing, but this is not always the case. Some things are not obvious, and people who are not in the field don't necessarily know how to do it. 

 

So I had difficulties with this assignment, although working with a lawyer was very helpful, we lacked that 'strength of purpose' aspect in what we had to do. If I didn't detect the problems, if I didn't formulate a request, I necessarily didn't have any answer. But I didn't always have the capacity and skills to detect all the problems. When the IT Manager told me that he wanted to use CyberSecura for this DPO skill, I immediately agreed. I found it very important ! I am much safer and more serene about what I can and cannot do, and I know that I am dealing with an expert in the field"

​

​​​

​​

3- Why did you choose to entrust these missions to CyberSecura rather than to someone else?

 

"So I'm not sure that the offer that is made exists with other providers. Because it's really a complete handling of the need. David takes care of everything, and that's extremely reassuring. It's a complete handling that I haven't found elsewhere, and having worked with David, I realised what a contribution he makes. Mr Rozier knows how to put us at ease, how to listen to us in order to understand our problems, the way we work, the specificity of our service, so as to respond to us in the best possible way, and so as to enable us to continue to work efficiently. Because obviously we have to respect the law, but we still have to continue to work."​

​

​

​​​

4- Did you have any fears before the project was set up?

 

"Not at all, I was delighted ! One of the very important things that CyberSecura is working on and that we are working on is the treatment register. I never found the time to do it. We didn't see how we could put someone in charge of it independently : we didn't really have the skills, it was the first time we were doing it, and it takes time. So the setting up of this data processing register is an immeasurable support and help for PST38. And I would add that in the field, the occupational health services are in the process, by law, of obtaining this certification and I think that this first draft of work when we process data - namely the data processing register - will be a valuable support for obtaining certification, with the identification of certain processes, and already a reflection on the organisation chart, etc., all aspects which will help us a lot, and which will be a starting point for obtaining the necessary certification, a certification which we hope to obtain in the medium term."

​

​​​

​​

5- What are the challenges in your business today?

 

"I would say that it will be more of a challenge to make people aware, to raise awareness, and to supervise that everything is well done. We often think we're doing the right thing, but it's not always intuitive. Medical assistants, for example, really need to be well aware, because they deal with sensitive data every day, they make messages every day, they need to know what they can and cannot put in. All this requires real change management. And I think that we really need to be accompanied in this phase of awareness and change in daily practices and habits. The challenge is really to generate new habits by making everyone understand that we won't lose efficiency for all that. I think the challenge is much less technical than human."

​​​

​​

​​

6- How would you describe the work of CyberSecura, its team, in just a few words?

 

"Professional, reassuring and relevant ." 

​

​

​​​

7- What are the results of this collaboration?

 

"It is perhaps a little early to see and talk about the results of all these actions, but what I can say is that at management level we are much more at ease : we know that it is being dealt with. We are more at ease with what can be done, the data that can be collected, stored, etc."

​

​​​

​

8- What did you like most about the CyberSecura solution?

 

"Mr Rozier's attentiveness, his availability, and this concrete handling of things."

​

​​​

​

9- What advice would you give to organisations facing the same challenge as you?

 

"My advice would be to tell them : "Be careful, there are no obvious things in this field, and you really need an expert at your side to be able to handle these aspects effectively." "

​​

​

10- Would you recommend CyberSecura to others? For what reason(s)?

 

"Yes, yes, but no, because there are not enough of you, we need David to stay and work with us !"