As a platform, Floriday provides a secure environment for confidential grower and buyer data. That is what the second independent audit conducted by Royal FloraHolland at the request of the Data Committee concluded. The audit in 2021 had already confirmed the effectiveness of measures previously taken to ensure Floriday users' confidentiality of their information The current audit re-examined this over a longer period and also tested its efficacy.
"The measures have been effective"
André van der Linden, CIO Royal FloraHolland: "The auditors once again did a very thorough job in this second audit into data security by conducting interviews, tests and spot checks. It is nice to see that, like last year, confirmation of the effectiveness of not only the set-up and existence but also the efficacy of the measures taken previously. Confidential (price) agreements between growers and buyers in Floriday are indeed confidential and integrity in the handling of data on Floriday is guaranteed."
Security of confidential information guaranteed
The audit was conducted by external auditor Noordbeek and covered the period 1 July 2021 to 30 June 2022. This involved looking at strictly confidential data in Floriday. This means the information to which only the relevant grower and buyer have access. Consider price agreements in contracts and consumer prices on stickers. It has been established that strictly confidential data will not be shared outside of Floriday. It has also been established that the limited group of Royal FloraHolland employees, who have access to this data, can only view it on account of their position. Think of a Floriday support person. They must be able to support users when they need help.
Periodic audit of accounts
One of the recommendations from the audit is that growers and buyers should be reminded to periodically have their permissions checked in Floriday. From this autumn, all main users will receive an email twice a year asking them to check which people have access to the Floriday account and with which permissions they have access. It also recently introduced the option for users to use 2-Factor Authentication while logging in to increase account security.
Data committee monitors compliance with data and information policy
A Data Committee was established at the end of 2020 to discuss and evaluate the implementation of Royal FloraHolland's data and information policy. The Datoma committee commissioned the audit for the second time to also test the efficacy of the measures over a longer period of time. This examined whether what was described in policy was true in practice. The Data Committee consists of: Steef de Lange (Nolina), Arno van der Maarel (Maarel Orchids), Herman Raué (FleuraMetz), Sandor van den Berg (Profitplant), Theun Faber (Faber Bloementransport BV), Erik Beulen (Professor and data expert), André van der Linden (RFH) and Remco Wilting (RFH).
Sandor van den Berg, working at Profitplant, is a member of the Data Committee: "During this year's audit, we were able to observe that Royal FloraHolland made strides last year. The recommendations from last year's audit have also received the necessary attention. In short, a great achievement that provides confidence and opportunities for the future."
Data and information policy
Royal FloraHolland wants data on Floriday, of both growers and buyers, to be handled with integrity. An Information policy was created and communicated for this purpose. More information about the data policy can be found here.