After successfully conducting recertification verification in accordance with the requirements of ISO / IEC 27001: 2013 (Information Security Management System), as well as verification in order to comply with privacy regulations according to the requirements of the new international standard ISO / IEC 27701: 2019 (Privacy Information Management System,.abbr. PIMS), on 08.04.2021 the Commissioner for Information of Public Importance and Personal Data Protection Milan Marinović was solemnly awarded certificates of these standards by Igor Panin, director of "Quality Austria Center" d.o.o. Belgrade, thus continuing the path traced in 2017 when the Commissioner, realizing the importance of information security, was certified for the first time according to the requirements of standard 27001. Along with the Commissioner, Sanja Unković, Deputy Commissioner, and Radoje Gvozdenović, Assistant Secretary General for Information Technology, attended the ceremony.
As a result of efforts to further improve the level of its information security in accordance with the latest international and domestic regulations in the field of personal data protection, and understanding their interconnectedness, the Commissioner is the first state body in Serbia to be certified in relation to the new international standard. ISO / IEC 27701: 2019 (PIMS), which establishes the management of personally identifiable information and is an extension of ISO 27001.
Given the current situation in the field of personal data protection and global regulation of privacy, PIMS is so important that a large number of international experts assess it as an appropriate way of certification for GDPR (EU General Data Protection Regulation), or as a quality starting point for development of new certification criteria that have not yet been adopted in the EU.
The above stated enables the Law on the Protection of Personal Data, which has mostly taken over the decisions from the General Regulation, to be better applied.
The security of information is very important for the Commissioner from the point of view of both functions he performs, including both the protection of personal data and the security of all information at his disposal in his work.
The handed over certificates are a certain confirmation of the quality protection of all data that the Commissioner processes, and at the same time they represent the proof of his permanent determination to follow the most modern normative and IT solutions in the mentioned area.
Although everyday practice does not confirm this, data security should be of utmost importance for all state bodies in the Republic of Serbia.
Unfortunately, we are often faced with illegal dispositions of personal data of citizens, and thus "leakage" of confidential information from various state bodies.
The Commissioner hopes that his example will encourage other state bodies to introduce the stated standards and pass the necessary checks, especially those whose competence, as well as the scope of work, includes the handling of personal data and other confidential data.