WeSiReport optimizes its security and compliance level

Created by experts in the professional integration of people with disabilities, the startup WeSiReport is currently developing an application aimed at preventing disruptions in career paths in the workplace.

Handling sensitive data, it chose Onepoint to support the compliance of its application with legal data protection requirements (GDPR) and to help improve its cybersecurity and marketing strategies. Focus on a project that is both technological, digital, and human.

Capturing weak signals as decision-making support

“As professionals supporting people with disabilities, we noticed that many companies contacted us because a worker’s situation had deteriorated without being able to anticipate this decline,” explains Christophe Guérin, co-founder of the WeSiReport startup.

Thus, the WeSiReport application was born in 2019. The idea is simple: send a few questions, such as “How are you today?” via SMS or email to the person with a disability several times a week. The user’s responses are analyzed and counted by the application without any human interaction.

In advance, the company can set its own alert thresholds or weak signals to monitor the employee’s career path: changes in the workstation, team changes, but also new management, transportation problems, or misunderstanding of a task… These structural or situational issues can trigger weak signals. If these signals accumulate, they indicate discomfort and should raise concerns. The person responsible for supporting (Disability Advisor, Integration Advisor, etc.) will then receive an alert to reach out to the individual in need.

One of WeSiReport’s challenges with its first prospects was to address their concerns regarding GDPR and the security of the application. The startup quickly decided to seek assistance.

A technical expertise in service of human values

Deeply committed to the issue of disability, Onepoint was immediately drawn to this mission that is both human and technological. To successfully execute the project, our experts worked in “immersion” to better understand WeSiReport’s business challenges.

We chose Onepoint not only for its expertise and flexibility, but also for its daily commitment to the inclusion of people with disabilities.

Christophe Guérin, co-founder of the startup WeSiReport.

“Large corporation, public organization, or startup: we bring the same care to our consulting work, and ensure that we adapt to the context of the structure we are supporting,” explains Arnault Pousset, GDPR consultant at Onepoint. “This is what makes us unique.”

To provide an accurate diagnosis of the WeSiReport application, Onepoint’s experts defined a scope of actions based on three main axes: Organizational and technical cybersecurity / GDPR compliance / Marketing and communication.

Sensitive Data at the Heart of the Mission

A question immediately arose: what type of data was being collected by the application? Was it health data, considered confidential?

In this case, the WeSiReport app sends questions via SMS, to which the response is a number (1, 2, or 3) describing the psychological state of the disabled person. “Certainly, we are not talking about pathologies, blood results, or patient data in the strictest sense,” says Stéphane Jourdain, cybersecurity consultant at Onepoint. “However, these are still sensitive data, deserving of the same level of attention and requirements as health data.”

The main objective was to develop a trusted digital tool with ethical use of data, to reassure prospects about the confidentiality of the information collected.

WeSiReport’s Support Took Place in 3 Phases.

  • First, a diagnostic of the existing situation in terms of “cybersecurity governance” and “GDPR compliance.”
  • Then, the development of an action plan to improve the level of security and compliance.
  • Finally, a follow-up on the implementation.

In the first phase, the existing diagnostic aimed to obtain a maturity score on the cybersecurity and GDPR axes, and certain vulnerabilities were identified.

Onepoint and WeSiReport also conducted joint workshops to fully understand the issues and find accessible solutions for the startup.

On the GDPR side, Onepoint advised WeSiReport on making its SaaS application and institutional website compliant (privacy policy, cookie management, etc.), as well as ensuring that key GDPR points were respected (data retention period, informing individuals, data security, relationships with subcontractors, etc.).

Beyond Data: How to Improve Positioning

Onepoint also supported WeSiReport in its marketing and communication strategy.

The strategic marketing challenge was to define WeSiReport’s positioning and adapt it to its two main targets: adapted companies and large corporations.

Onepoint and WeSiReport formalized the business model, the promise, and the key messaging during joint workshops. “Time-to-market was key for WeSiReport,” says Claire Darleon, Marketing and Communication Consultant. “Applying agile marketing principles allowed us to co-create and implement the marketing strategy quickly and effectively.”

This approach of sharing and supporting towards autonomy was deeply human, with a simplicity in the relationship that others do not offer.

Christophe Guérin, co-founder of the startup WeSiReport.

This was operationally translated into a review of the startup’s communication/sales materials, followed by digital marketing and communication actions.

  • Participation in key inclusion events such as Inclusiv’Day in Paris,
  • Contacts and collaborations with other stakeholders in the employment and disability sector,
  • Media presence through active engagement on social media.

Lessons for everyone

While Onepoint’s support of WeSiReport aligns perfectly with our commitment to a more inclusive, fair, and regenerative economy, it also serves as a fantastic case study.

“We are working with an innovative startup that is developing a deeply human project aimed at people with disabilities,” says Arnault Pousset. “They move forward with passion, driven by the desire to offer businesses a high-performance solution. Until they face the reality of prospective clients asking questions about cybersecurity and compliance with data protection regulations.”

Onepoint’s expertise, as a B Corp certified company, helped WeSiReport overcome this challenge. Furthermore, with this in-depth support, the startup identified new growth opportunities. “We are considering expanding our app to serve other vulnerable groups: seniors in home care, at-risk youth, bullying victims…” concludes Christophe Guérin.

Onepoint is already considering deploying the WeSiReport application within its own organization as part of its Mission Handicap.

“Being attentive to each other, welcoming people with disabilities, and adapting the work environment are actions that make a difference and align with the values of openness, inclusivity, and elegance that are dear to us.” – Stéphanie Obis, Disability Officer at Onepoint.