Privacy and Data Protection
The New EU Data Protection Regulation will introduce new obligations and perspectives for every organization the processes personal data. The risk-based and result-oriented approach to compliance, together with its European-wide scope is quite innovative.
With the GDPR, Data Protection becomes an integral part of organizational compliance, a necessary process for every kind of organization, even more so considering the new figure of the privacy officer. We offer specialized data protection consulting services designed to allow your organization – commercial or otherwise – to be compliant with national, EU and international regulations and laws. We can cover both the organizational and the technical sides of compliance.
Our services can be articulated as follows:
- Gap analysis of the current level of compliance and how to ‘get there’.
- Developing of all prescribed documents for privacy compliance
- Data Protection Impact Assessment
- Audit of privacy controls in place
- Developing of instructions for IT systems users and security policies
- IT security controls for privacy
- Organizational controls
- ISO/IEC 27001 implementation and controls
- Information and consent
- ePrivacy Directive compliance
Our extensive experience in information security management systems and cybersecurity allows us to tackle particular data protection issues as well:
- Data Processing for Marketing use and profiling
- Biometric and genetic data
- Geolocalized data
- Employees data processing
- Video Surveillance
- Judiciary data and digital forensics
We can act as an external Data Protection Officer (DPO) esterno for every kind of European organization.