As part of the optimization of the City of Lyon's data governance, GDPR compliance has been identified as a major area of work.
With 70 directorates in the City of Lyon, the city's public administration was not organized to deal with the number of requests and their complexity. Until then, data processing was carried out with office tools: it therefore seemed difficult to us to maintain such a quantity of isolated files over time, with heterogeneous and sometimes low quality data. Beyond the multitude of data sources, we had no transversal vision of processing and we needed to harmonize our working methods.
The City of Lyon project
We have therefore launched a global compliance management project for all departments of the city of Lyon.
How? We have created workshops with a pilot for each department in order to identify the measures, processes and means to be put in place to meet the legal obligations of the GDPR: processing register, data breaches, management of contractual data, employee awareness actions, internal/external communication actions, ...
The workshops allowed us to define our objectives:
- Provide the structure with a tool giving a transversal and relational vision of data protection issues
- Meet regulatory requirements
- Have traceability of requests (compliance with the principle of accountability)
- Be able to present an assessment and quantify the challenges of each obligation in order to better respond to them and follow their progress
- Have trends in processing developments and risk levels, alerts on the presence of sensitive data, ...
In addition, we have defined the 3 key actions of this project: Simplify – Industrialize – Standardize
A vast project on which we realized that we needed support and dedicated resources.
The conclusion:
- We therefore set up a pair: DPO and GDPR IS project manager to manage and succeed in this project.
- We quickly moved towards a software platform with a standardized legal framework for communities, offering the management of several entities and offering centralization of data.
GDPR compliance and cybersecurity: a major issue
Yes, the protection of personal data is closely linked to the security of information systems.
GDPR compliance has allowed us to reposition the DPO at the heart of information security, and has allowed its teams to be more involved in the choice of new tools. Our services are now consulted on the process of choosing a new solution regarding compliance with the protection of personal data and data governance (definition of data controllers, subcontractors).
GDPR compliance and image among citizens: for ethical use of data and better transparency
Data has become the new black gold: we collect more and more data, sometimes even irrelevant.
It is essential for us to give our citizens back control of their data and to inform them of the processing carried out with their data in the interest of transparency. The GDPR has made it possible to regulate this valorization of data and the City of Lyon is proud to be able to provide guarantees to citizens and users of data protection measures, and confidence in the digital services offered by the city.
Our choice of the Data Comply One platform (formerly Mission RGPD) respects the 3 actions of our project: Simplify – Industrialize – Standardize
Initially, we had a strong need for awareness and support. Data Comply One (formerly Mission RGPD) allowed us to get started with the platform quickly and acquire enough skills to train our internal referents.
We then co-created the essential features for a community as large as ours. In this respect, we salute the mixed skills of our Data Comply One correspondents (formerly Mission RGPD), both technical and legal.
Today we use almost all of the platform's features. Here are the representative points of our use:
The processing register:
- We have a continuous improvement approach which concerns more than 500 data processing operations over 2 years which we process via automation in the platform.
- The platform register allowed us to simplify the reporting of data processing and to cascade the level of risk of processing:
  - detection of risky processing operations
  - the simplified PIA declaration (CNIL methodology)
The action plan:
- With the complexity of the number of departments in the City of Lyon services, we needed to rationalize and harmonize the actions to manage the compliance of a service, a processing, an entity, ...
- This module of the Data Comply One platform (formerly Mission RGPD) allowed us to establish a model of the actions to be implemented and to prioritize them:
  - Gain visibility on areas for improvement
  - Automation of action monitoring
The key benefits of the Data Comply One platform (formerly Mission RGPD):
- Simplification of treatments
- Industrialization of processes
- Data standardization
- Structuring the project
- Visibility on management on a structure like the City of Lyon
A successful project with Data Comply One (formerly Mission RGPD)
After 3 years of use, we have succeeded in the challenge: we manage our compliance after having implemented the structuring of the governance project.
The tool and functionalities correspond to the approach we have implemented on the protection of personal data.
The native integration of the different functional building blocks into the Data Comply One platform (formerly Mission RGPD) allows us to have the expected global vision on the monitoring of processing and projects at different levels: entities, services, ...
The technical and legal skills of Mission employees are a guarantee of trust and deserve the promise made by the publisher: to make the GDPR accessible to everyone!
A compliance project does not rest solely on the shoulders of the DPO; it is necessary to have the support of the DPO's hierarchy and the project stakeholders.
Continuous awareness raising is essential to ensure the protection of personal data, so that employees take the subject into account on a daily basis.
Compliance does not stop with creating the registry and producing documentation. It is necessary to manage compliance over time, on the one hand to gradually process the data used, and on the other hand to integrate new data into your existing processing.
Like many IT projects, communication is essential: say what new steps you have taken, give figures to your colleagues to show that your project is progressing.