In Europe, GDPR, is probably one of the most highly profiled issue for the last two years.
[GDPR was published in 2016 and was put into effect in 2018.Although in the beginning a few people knew of it or talked about it, in the next years it’s reputation grew very quickly especially after 2018, when the first fines were imposed]
GDPR (General Data Protection Regulation or REGULATION (EU) 2016/679), aims to protect people with regard to the processing of their personal data and to regulate the way that these data are processed, exchanged, transferred between organizations and countries. Personal data, means any information relating to a person who can be identified, directly or indirectly. This information could be regarding the name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
The main problems regarding the processing of personal data are the following:
- The organizations that process personal data, need to be compliant to the GDPR, but usually lack resources, knowledge or trusted partners
- The data subjects (whose data is being processed) have a limited awareness regarding their rights, obligations and limitations
In order to help organizations comply to the requirements for privacy management,we offer Privacy Services that include:
- Gap Analysis against all well known national and international standards (E.g. BS 10012, ISO 27701, ISO 27018 etc)
- Data protection impact assessment workshops
- Data Mapping workshops
- Customized trainings and workshops
- Awareness campaigns
- Proposals for the implementation of measures
- Design and implementation of procedures and documents
- Design, implementation of ISO 27701 compliant systems
- Internal Audits