City of Mölndal — increased quality in information security
With advice and support from DirSys, the City of Mölndal took the next step towards sustainable and systematic information security practices.
The Care and Care Administration at the City of Mölndal investigates and implements decisions on behalf of the Health and Care Board. This department is responsible for deciding and following up on individual cases within home care, nursing homes, and social psychiatry. Additionally, the administration actively engages in quality and operational development, with information security being a crucial component. A review of their information security practices revealed a need for improvement in quality and systematic follow-up. This led to a collaboration between the Health and Care Administration in the City of Mölndal and DirSys to enhance the administration's information security.
When Anette Larsson started working at the City of Mölndal, she held the role of Operations Developer, eStrategist, and Information Security Officer. The purpose of this role was to act as a developer and enabler across various areas, including information security.
Following an audit, it became clear what improvements were needed and what was lacking in their information security efforts. Consequently, the Health and Care Administration in the City of Mölndal realized this was not a task they could handle alone. A collaboration was initiated with DirSys, who stepped in to provide advisory support in information security.
“It's very positive that there was such high availability. We didn't have to wait; we could get started immediately.”
— Pär Levander, Head of Development, Care and Care, City of Mölndal, and client for the collaboration.
Administration-Specific Guidelines
The City of Mölndal had central guidelines for information security practices. However, specific guidelines for the Health and Care Administration were missing. Therefore, there was a need to develop more administration-specific guidelines.
Furthermore, the administration lacked guidelines that encompassed the softer aspects of information security work. During the collaboration with DirSys, administration-specific guidelines were developed and compiled into a policy to be presented to the Health and Care Board for decision.
“Filip Gårdelöv from DirSys and I collaborated extensively. Filip operates at a more central strategic level, which fostered excellent cooperation. He understood the impact of key decisions and how to translate them to the management level. This led to many engaging discussions and insights.”
— Anette Larsson, Business Developer, eStrategist, and Information Security Officer, City of Mölndal
Towards a Systematic Approach
The guidelines have now been decided upon and adopted by the Board. The next step is to translate these guidelines into a more concrete action plan. Pär Levander emphasizes that the focus will be on establishing a framework for how the system should operate. He also highlights the importance of communication to successfully engage the business's managers.
Anette Larsson discusses the collaboration with DirSys:
“Working with DirSys made it very clear what steps an administration must take regarding information security. It's not just about risk analyses and classifications; you have to break it down further. It's a significant undertaking that requires a lot of dedication and involvement across the respective activities. It's not something you can do alone.”
Get started with DirSys platform
Curious about how to get started with DirSys platform?
Book a demo here.