Digitalisation and data security

Sub-topic 1: Digitalisation

Description of the topic

Business processes are increasingly digitalised, which contributes to innovation and efficiency in our service provision. The addition of IT makes it possible to manage fluctuations in energy supply and demand and respond to evolving market relationships in a reliable, efficient and safe manner.

Impact on people and the planet

The development of more and better data contributes to social and intellectual capital as well as to more efficient and cleaner production. When used like this, knowledge and data can help resolve issues related to the energy transition, raw materials and realisation of the work. Data and the input of data do not automatically guarantee the desired result. Critical analysis of social effects and potential negative impacts is necessary to ensure reliability and safety.

Risks

Inadequate monitoring of end-of-life systems resulting in inadequate support for data exchange and flow stagnation.

Opportunities

Smart and fast coordination and adjustment of traffic across the energy system.

Impact on Alliander’s value

The impact on Alliander consists of enhanced productivity and future-proofing in addition to possible exposure to cybersecurity risks.

Relationship with Alliander’s impact model

Indicators for intellectual capital.

Stakeholder expectation

The use of IT makes it possible to manage fluctuations in energy supply and demand and respond to evolving market relationships in a reliable, efficient and safe manner. Smart networks and data technology help us to make targeted and effective investments in networks as well as to prevent outages and repair faults faster. Customers expect a network that enables them to feed in energy without any problem. They also expect us to make the network more reliable and transparent by means of innovative technology.

Strategic pillars

Share data and develop new market services, Future-proof foundation.

Our long-term objective

Alliander is working on an integrated IT architecture to be able to accommodate future processes and enable the energy transition. One of the objectives is to articulate a vision on our IT landscape. Liander’s activities plan includes digitalisation programmes. 

Alliander’s assessment and contribution

We are working at various locations to make our energy networks smarter. We are making medium-voltage stations more intelligent, rolling out a switching system for public lighting, offering smart meters and implementing IT applications and sensors to flexibly manage the flow of energy. Smart networks support the efficient use of capacity and infrastructure, and are also more reliable. Expanding our smart energy networks lays the groundwork for the digital services of the future. 

Stakeholder information

Sub-topic 2: Data security, privacy, and cybersecurity

Description of the topic

Data exchange has become a permanent social and economic phenomenon. Data exchange and storage, and privacy-sensitive information, require maximum safeguards at all times.

Impact on people and the planet

The security and privacy risks inherent in the management of personal data by Alliander and the energy suppliers can potentially have a negative impact on social capital (reduced digital security). The assets and systems for the mitigation of cybercrime and hacking risks make a positive contribution to our manufactured capital.

Risks

Compromised IT and OT networks, for example ransomware. This endangers network continuity and control, with a high risk of data integrity violations and data breaches.

Opportunities

Data exchange and integration is an important pillar for further digitalisation of our business processes and for collaboration in the chain provided that the security of data and IT is guaranteed.

Impact on Alliander’s value

Any breach of data security and safety systems could have a major impact on Alliander and lead to adverse social effects. 

Relationship with Alliander’s impact model

Indicators for social capital and manufactured capital.

Stakeholder expectation

Stakeholders expect us to use their data and personal details safely and carefully. Data exchange has become a permanent social and economic phenomenon. Data exchange and storage of privacy-sensitive information require maximum protection at all times.

Strategic pillars

Share data and develop new market services, Future-proof foundation.

Our long-term objective

Alliander respects the privacy of its employees and customers. This means that we exercise due care in using their personal data and treat them confidentially. We meet the requirements set out in the law implementing the General Data Protection Regulation (GDPR). Customers and employees can be confident that Alliander handles personal data with care and acts immediately if the data integrity is threatened.

Alliander’s assessment and contribution

We are obliged to meet statutory and other requirements for all personal data that we process. Pursuant to the GDPR, we have appointed a Data Protection Officer for Alliander customer data, who is responsible for monitoring GDPR compliance within the organisation. In addition, we have set up a data processing register in which we document all our personal data processing activities. Finally, we use Data Protection Impact Assessments (DPIA) to perform prior risk assessments whenever we plan to process large volumes of data or highly sensitive data. Customers can go to liander.nl to exercise their associated rights, such as the right of access, right to erasure and right to restriction of processing. Factors such as the increased use of employee data, more extensive deployment of contractors and intensification in the distribution of energy data have led to a greater focus on cybersecurity in recent years. In order to gain an even better understanding of the security risks at Alliander, we have reassessed the position of Chief Information Security Officer (CISO). We have also had our security processes certified by an independent external party in accordance with ISO 27001 and the Security Verified standard. 

Stakeholder information