What is the GDPR
The EU Regulation 25/2018, known as GDPR (General Data Protection Regulation: General regulation for the protection of personal data), standardized the legislation on data relating to all European citizens, whether they are processed inside or outside the Union.
Safecore can provide advice GDPR for companies, organizations and in general all entities that process or manage personal data for various reasons.
Safecore has all the skills and professionalism necessary to carry out a management audits GDPR in place, and to suggest the operations and procedures necessary to meet the compliance criteria.
Since its entry into force, the General Data Protection Regulation, known as GDPR, highlighted both the importance of personal data protection and the need for companies to promptly carry out a technological update.
Comply with the rules GDPR for companies it means both observing specific procedures and acquiring adequate IT solutions, also in terms of security.
How does the GDPR for companies
The data controllers and processors must implement technical and organizational measures to ensure data security appropriate to the risk of the treatments they perform;
the related risks must be assessed not only in relation to the consequences to which the data controller or manager could be subject but also and above all the data subject to whom such data refer. In optics GDPR an adaptation primarily requires the protection of user data, which must be treated with particular care.
Safecore makes its know-how in terms of IT security and vital data management available to its customers and offers the possibility to carry out the adaptation GDPR quickly and effectively.
Our experts, in addition to carrying out careful analysis of internal data management procedures, they suggest better solutions, both in strictly technological terms and in terms of company procedures necessary to keep the data protection chain intact during the processing and safe storage of information.
In fact, we recall that the legislation GDPR it provides not only retention criteria, but also data processing criteria if these, for example, have to be managed by different players within the company.
How is the support for adaptation to the GDPR of companies
Safecore offers companies a modular offer that covers both formal, bureaucratic and technological requests.
Here are the main services offered:
- inventory of personal data, the tools used and the entities involved
- flow description
- execution of the Data Privacy Impact Assessment
- review and update of processes, procedures or forms
- definition of the security measures to be implemented or improved and support in their adoption
- staff training
- Tracking high-value, high-risk targets.
The proposed mix of activities allows companies to have Safecore as the only interlocutor to solve all the problems related to the adjustment GDPR o get support only for some activities in case some of the regulatory requests are handled internally.
Based on the characteristics of the customer, Safecore can provide support in the evaluation, integration and implementation with other data security management systems, including personal ones (e.g. ISO 27017 and 27018 for the management of personal data in a cloud environment). In particular, the possibility is offered to create a PIMS (Personal Information Management System) according to the ISO 27701 standard, an extension of ISO 27001. This opportunity is valid for all customers, but especially for those who already adopt an ISMS or who wish to start its construction process.
Who can benefit?
All companies, entities and organizations that process personal data, i.e. data relating to natural persons, of any nature and for any purpose. The modular offer of Safecore also offers support to specific business functions, for example IT, audit, legal, HR, etc. The services offered can be integrated with pre-existing dedicated management systems, or offer the most suitable technological solution for every type of need.