GDPR Operational Solutions | Real Comm srl

 

GDPR Operational Solutions

Our operational support for the GDPR

On May 25, 2018, the General Data Protection Regulation (GDPR) will come into force across Europe.

There is not much time left. In fact, according to a recent survey by Gartner, one in two companies may not be in compliance with the GDPR by the end of 2018, which is well beyond the legal deadline.

The problem is that for those who do not comply in time, the penalties are extremely high: 4% of turnover with a maximum cap of 20 million euros.

What exactly is the GDPR? The General Data Protection Regulation is a set of rules and provisions, identical for all the member states of the European Union, regarding data protection.


What do companies need to do in practice? There are four critical issues that a company may have to address, summarized below.

  • Appointment of the DPO (Data Protection Officer). Some companies will need to appoint a data protection officer (DPO). This figure will be responsible for ensuring regulatory adequacy (compliance) and will represent the point of contact between the Data Controller and the Privacy Guarantor.
  • Strengthening of existing security measures through appropriate risk assessment.
  • Cataloging of data processing activities in internal logs. These logs can be consulted to demonstrate that regulatory compliance has been implemented.
  • Creation of company procedures to support the right to data portability and the right to be forgotten. 

How can we help you in practice? Here's how we can concretely support you in the process of achieving regulatory adequacy, both from a technological and legal perspective.

  • Technological consultancy: creation of customized analyses based on specific company needs.
  • Legal consultancy: analysis of the current state of regulatory compliance, carried out by a lawyer, and definition of appropriate paths to achieve it.
  • Asset mapping: analysis and mapping of the existing ICT infrastructure in relation to the new regulatory scenario.
  • Log management: implementation of software technologies suitable for the collection and analysis of system logs.
  • Network security: provision and configuration of firewalls and execution of penetration tests.
  • Backup: provision and configuration of suitable backup tools, local, cloud-based, physical and/or virtual.
  • Data encryption: implementation of robust, secure, and reliable data encryption mechanisms.
  • Compliance surveillance: periodic monitoring of the adequacy of the policies implemented according to the new regulatory framework.
  • Web & Mail Security: verification of the security levels of Web Applications and Mail Servers.

 

CONTACT US
You can call our toll-free, from Monday to Friday from 8:30 to 18:30. Or find other ways to contact us or ask for assistance.