January 28, tracing the path of Data Protection

In 2006, the Committee of Ministers of the Council of Europe launched Data Protection Day, which has been celebrated every January 28 since then. This day marks the anniversary of the signing of Convention 108 of the Council of Europe which took place in 1981 and which was carried out in order to protect individuals with respect to the automated processing of personal data. Since then, Convention 108 has evolved to continue protecting the privacy of the European population.

The main purpose of this day is to raise awareness in society about the challenges associated with safeguarding information, in addition to providing information to everyone about their rights and how to exercise them.

Fraternidad-Muprespa, being aware of the magnitude and diversity of the information it handles and the responsibility it assumes in the exercise of its work as a collaborating entity with Social Security, recognizes the crucial importance of adequately safeguarding said data. In this sense, it has been regularly promoting and carrying out various initiatives with the aim of achieving this protection, such as the accession on May 20, 2021 to the Digital Pact for the Protection of Individuals promoted by the Spanish Data Protection Agency.

Certificates and external audits

At Fraternidad-Muprespa we have the UNE-ISO/IEC 27001 and ENS Information Security Management System certifications, which are subject to periodic external audits. Different policies have been designed to ensure the security of third-party information _

Internal policies

We have developed specific policies and guidelines to regulate the use of information by our employees, addressing aspects such as data sharing and information management. We have especially focused on ensuring data protection in our Digital Office, the main digital communication channel with associated companies, consultancies and workers. During the onboarding of new employees, we implement concrete measures to ensure data security from a comprehensive perspective.

As stated by Luis Martínez del Pino, director of the Information Systems Security Department of the Mutua, "data protection is one of the strengths of Fraternidad-Muprespa today. Until now we have never been sanctioned by the Spanish Data Protection Agency."

To continue on the right path of security, this year 2024, at Fraternidad-Muprespa we will face an intense stage marked by the execution of new projects. One of our immediate priorities will be the renewal of the National Security Scheme (ENS) certification associated with our Digital Office. In addition, we are designing a set of measures and projects to strengthen the Mutua's cybersecurity, which includes the implementation of a Security Operations Center operational 24 hours a day, 7 days a week, 365 days a year, supervising our entire ICT infrastructure.

Additionally, we plan to acquire cutting-edge software products to reduce our exposure and strengthen our protection. In terms of data protection, we have reached a significant level of maturity, so the year 2024 will be focused on consolidating, optimizing and continuously improving our processes. Likewise, we will continue our efforts to raise awareness and train our employees in cybersecurity, strengthening this link that we consider most vulnerable.

Are you interested in the statements of Luis Martínez del Pino, director of the Information Systems Security Department at Fraternidad-Muprespa?Access the full interview.