The Pomeranian Philharmonic in Bydgoszcz is renowned worldwide for its exceptional acoustics. One of the first performers to grace the stage was Artur Rubinstein, whose visit to Bydgoszcz in 1960 led to him becoming the patron of the concert hall. The Pomeranian Philharmonic is a cultural institution of the Kuyavian-Pomeranian Voivodeship, co-managed by the Minister of Culture and National Heritage. It is regarded as one of the leading musical institutions in the country.
The Philharmonic’s artistic activities include symphonic and chamber concerts, recitals by the finest virtuosos from around the world, as well as numerous educational events.
Facts and figures
Full name
Filharmonia Pomorska im. Ignacego Jana Paderewskiego w Bydgoszczy
Industry
Cultural institution
What did the client expect?
The Pomeranian Philharmonic stores large amounts of data, including personal data of its employees, artists, guests, and customers using its services. Due to the increasing cyber threats and the introduction of the GDPR, it decided to conduct two key audits: KRI and GDPR. The goal was to streamline IT risk management, secure data, and adjust procedures to comply with the applicable personal data protection regulations and the National Interoperability Framework (KRI).
What did we do?
RODO SECURITY AUDIT
We focused on identifying and assessing the processing of personal data within the organization and its compliance with the GDPR regulations. The analysis covered employee data as well as data of clients and artists collaborating with the Philharmonic. We checked whether the Philharmonic implements appropriate security measures, maintains data processing registers, and meets all confidentiality and data processing security requirements.
KRI AUDIT
The task of this audit was to identify and assess risks related to IT infrastructure, computer systems, applications, and employees. We reviewed the current software and hardware used for information processing, focusing on identifying potential threats. In the end, we provided recommendations to strengthen the security of systems and access procedures, as well as proposals for employee training to enhance overall security awareness.
What were the results?
Conducting the KRI and GDPR audits brought numerous benefits to the Pomeranian Philharmonic. These actions not only minimized the risks associated with data processing but also positively impacted the trust of clients, artists, and employees.
Thanks to the KRI audit, the Philharmonic introduced new security policies and updated the security software. As a result of the GDPR audit, they adjusted their personal data processing procedures, updated the informational clauses, and implemented a monitoring and reporting system for incidents related to personal data. Each phase ended with recommendations for training staff on GDPR principles and their role in protecting personal data, as well as on cybersecurity, which aimed to raise awareness of cyber threats.
The collaboration with PBSG demonstrates that the Pomeranian Philharmonic complies with personal data protection regulations and information security standards. It has become an example for other cultural institutions, showing how to effectively manage IT risk while maintaining a high level of services and cultural value.
What did the client gain?
Compliance with the Personal Data Protection Act and the National Interoperability Framework.
Increase in the level of personal data processing security.
Implementation of best practices in personal data security.
Improvement and optimization of processes and procedures in the area of information security and IT systems.
Increase in employee awareness regarding cybersecurity and personal data protection.