Windy Chan

Notable projects:

Flemish government, Brussels

• ISO 27001 certification preparation for the project Digitaal Vlaanderen
• Review the contracts with third-parties to ensure GDPR compliance
• Setting up risk assessments and mitigation strategies for data protection
• Assisting in developing their information security policies

Maritime and Coastal Services, Amsterdam

• Reviewing contracts with their third-party data processors
• Conducting risk assessments and mitigation strategies for data protection
• Assisting in risk mitigation by implementing security controls, such as data encryption, anonymization, pseudonymization and access control

• Embarked on a 6-month sabbatical focused on personal mental health and well-being, acquiring mindfulness techniques that benefit both my personal and professional life
• Followed a Spanish language course for beginners
• Followed online modules about how Microsoft safeguards customer data

Project at Pro Persona, Nijmegen

• Increase the information security level by rewriting the data protection policies
• Identify the data processing activities of the patients of the clinic
• Risk analyses of patient's data and communication devices within the clinic
• Raising the security awareness level by educating the staff on phishing, social engineering and secure data handling

Notable projects: ASML, Eindhoven

• Determining the current level (IST) and desired (SOLL) level of the security awareness and helping mitigating the gap by implementing security controls
• Mapping the information security landscape for the strategic roadmap
• Developing and implementing awareness campaigns on a national and international level
• Training employees on data protection and GDPR compliance

SURFnet, Utrecht

• Creating an online community for the target group (CISO's and privacy officers of Dutch educational institutions) where they can share thoughts and ideas
• Developing the Cyber Save Yourself campaign and toolkit which the target group uses to increase the security awareness level of their students and colleagues