The new EU Regulation 2016/679, also called “General Regulation on Data Protection”, came into force in all EU countries from 25/05/18, obliging all public and private companies to comply with the new legislation. The objective of the new Regulation is to have more protection for citizens and simplifications for businesses, ensuring the protection and free movement of personal data. Such information is a fundamental asset for any kind of activity and for the growing development of computerized personal data processing.
In this regard, the new Regulation obliges data controllers to review and update all documents and operations in the company, applying appropriate security measures both technological and organizational and demonstrating their effectiveness.
G&A services for GDPR management
It is important to rely on specialists with a broad vision of the market and integrated skills in the field, such as the G&A Team. We support our Clients in managing the processing and security of personal data.
- Preliminary risk assessment audit
- Compliance with the new EU Regulation 2016/679
- Training on the protection and processing of personal data
- Internal audits to verify compliance with requirements
- Keeping the company system under EU Reg. 2016/679
- Update of the company system to EU Regulation 2016/679
Every public or private organisation, including non-profit organisations, must assess the risks relating to the processing of data and put in place adequate organisational, technological and IT measures to manage the information on private individuals.
EU Regulation 2016/679, known as the GDPR (General Data Protection Regulation), applies to the processing of personal data and to the non-automated processing of data stored in a file or database as defined in the Italian Privacy Code.
Unlike the current Legislative Decree 196/01, the new Regulation also applies to Bodies, Companies and Organizations, including those with registered offices outside the EU, which process data of persons residing in the European Union, regardless of the location of the storage and processing systems (servers).
According to the European Commission, personal data refers to any information relating to an individual, concerning his or her private, professional or public life. It may relate to any personal data such as names, photos, email addresses, bank details, interventions on social networks, medical information or IP addresses of computers.