99x receives ISO 27701:2019 Privacy Information Management System certification


Protection of privacy is increasingly a vital necessity in a world that’s becoming more connected. Understanding this, technology company 99x was among the first companies in Sri Lanka to conform to and receive the ISO 27701:2019 Privacy Information Management System certification from DNV GL.

The protection of personally identifiable information (PII) is of utmost importance, and doubly so to 99x, as a provider of digital solutions to a primarily Scandinavian clientele. The introduction of the European Union General Data Protection Regulation (GDPR) heightened this requirement.

The groundwork put in by 99x towards maintaining information privacy and security for many years enabled the company to meet the stringent requirements of this new certification, and thereby be one of the first in the country to receive it.

“The protection of our customers’ IP has always been a top priority for us. It is a cornerstone of our long-term engagements with customers as they have always been assured that their data is safe with us. Recent developments have seen the focus of protecting corporate IP extend to the protection of individuals’ personally identifiable information (PII). It required a restructuring of certain internal processes but thanks to our detailed procedures for protecting customer data, we were able to roll out these changes fluidly across the organisation,” noted Chaminda Vithanage, Process Manager at 99x.

The need for trust and accountability for personal information is growing in the minds of customers, consumers and other stakeholders alike. The recent heightened privacy concerns in relation to the popular messenger app Whatsapp, resulting in a mass exodus of users from the platform, serves as a timely reminder of the importance of the protection of personally identifiable information.

“Receiving the ISO 27701:2019 Privacy Information Management System certification creates increased trust and goodwill among our customers in relation to the services that we provide to them, which in turn adds more value to our work. It also builds further assurance in the global outsourcing model and increases their confidence in the Sri Lankan IT industry as a whole to know that we are able to meet global standards such as this,” added Prasath Mahalingam, Chief Business Development Officer of 99x.

Companies are required to have the right competence, processes and systems in place, and the new ISO 27701:2019 certification provides companies with much-needed guidance to do so. The certification was issued by DNV GL, an international accredited registrar and classification society headquartered in Høvik, Norway.

Providing a risk-based approach, the ISO 27701:2019 certification helps organisations address specific privacy risks faced, as well as risks to personal data and privacy.

Headquartered in Sri Lanka, 99x is a technology company co-creating well-engineered, innovative digital products for the Scandinavian market. Its expertise has been proven through a portfolio of over 150 impactful global digital products developed since 2004, together with leading Independent Software Vendors (ISVs).

99x employs over 350 technology and product specialists, who are high achievers, creative thinkers and team players. The company is one of Asia’s Best Workplaces for 2020 and has been named a Best Workplace in Sri Lanka for eight consecutive years.