By achieving certification to the ISO/IEC 27001:2013 and ISO/IEC 27701:2019 standards, Agendrix has demonstrated its standing at the forefront of data and privacy protection.
The company has become one of the first staff management and scheduling software providers in Canada to obtain these certifications. 🚀
“Our product handles the personal data of employees and other users of our client companies. This certification shows our commitment to our customers and users to take the management of their personal data very seriously. In Quebec, Law 25 has been phased in since September 2022 and we are pleased to have put additional security measures in place before it is prescribed by law.”
- Charles Vallières, Chief Technology Officer and Co-Founder of Agendrix.
Two standards, one goal
Since our inception, we have proactively addressed all aspects of the security and confidentiality of data handled by our web and mobile apps. Now, we are going even further by obtaining certification to two ISO standards that serve a single purpose: protecting the data of our users and customers.
The ISO/IEC 27001:2013 standard aims to improve information security systems, which, for Agendrix customers, means that our products comply with the highest information-security standards.
The ISO/IEC 27701:2019 standard sets out a framework for the management and handling of personal information and sensitive data. This certification confirms that we uphold best practices and abide by the applicable laws.
Data security and privacy: getting ahead of Law 25
When we heard that Law 25 would gradually be coming into effect in Quebec, we were very pleased to have prioritized security and confidentiality from our beginnings.
It was always clear that we wanted to earn the trust of our corporate customers and hundreds of thousands of users.
Law 25 is the Act to modernize legislative provisions as regards the protection of personal information. It provides a framework for the measures to be put in place for the collection, storage and processing of personal information that a company handles.
Gone are the days when any company could obtain and hang on to individuals’ personal data.
Law 25 has three objectives:
- To bolster the protection of personal information held and processed by public and private organizations
- To improve public trust in these organizations
- To support innovation while taking into account new technologies
Security and confidentiality are a team commitment
Achieving certification to both ISO standards is a point of pride. Although it started out as a security initiative, obtaining this certification and working to maintain and honor it has become a key commitment that concerns each member of our team. The certification is as important and decisive for Agendrix as each of the steps that brought us to where we are today.