
General Data Protection Regulation – GDPR

WHAT IS THE EUROPEAN REGULATION 2016/679

The European Regulation 2016/679 (General Data Protection Regulation, GDPR) establishes a common legal framework for the protection of natural persons with regard to the processing of personal data within the member states of the European Union, setting a series of restrictions and new obligations on businesses regarding:

  • the processing of personal data throughout its whole lifecycle, from collection to deletion
  • the transferability of personal data to third countries
  • the protection of natural persons’ rights
  • the security (confidentiality, integrity, availability) of personal data
  • disclosure actions that the business is obliged to perform in case of a breach


TO WHOM DOES THE GDPR APPLY

GDPR applies to all private and public sectors that process, in any way, personal data of natural persons: customers, customers of their customers, employees, associates or other natural persons. However, the compliance requirements for every business differ depending on the volume of data processed, the type of the data (e.g. sensitive) and the processing actions.


WHAT IS PERSONAL DATA

Personal Data means any information relating to an identified or identifiable natural person, for example:

  • identification data (name, age, residential address, occupation etc.)
  • physical characteristics (height, weight, skin color etc.)
  • financial status (income, assets, economic behavior)
  • sensitive personal data (medical records, medical exam results, biometrics, political beliefs, sexual orientation etc.)

 



WHAT DOES THE TERM “PROCESSING” MEAN

According to GDPR, ‘processing’ means any operation or set of operations which is performed on personal data, such as collection, recording, processing, storage, erasure or destruction.


FINAL DATE OF COMPLIANCE

GDPR becomes mandatorily applicable in all member states of the European Union by 25/05/2018.


WHAT ARE THE IMPACTS OF NON-COMPLIANCE

  • The administrative fines can reach up to 4% of the total worldwide annual turnover of the company, or 20 million euro (whichever is higher)
  • Deterioration of company image and loss of customer and market trust
  • Customer loss


THE APPROACH

SAMARAS & ASSOCIATES Ltd, having knowledge and experience in developing systems for information security management and in risk analysis studies, and recognizing the complexity of mandatory compliance of businesses with the Regulation’s demands, has assembled specialized executive teams in order to offer integrated services to its customers.

Specifically, for every project a specialized project team is assembled that consists of:

  • Legal Advisor
  • IT Expert
  • Business Organization Advisor

The customized approach aims to achieve the complete compliance of your business with the Regulation’s demands at both organizational and technical level, always depending on the type and the range of the personal data and on the company’s structure and operation.

 


WHAT OUR CONSULTING SUPPORT CONSISTS OF

The stages of an advisory support project that brings a business into compliance with the GDPR usually are:

  • Compliance Gap Analysis (CGA) according to the Regulation
  • Personal Data Mapping
  • Data Privacy Risk Assessment (DPRA) according to the processing of the personal data
  • Data Privacy Impact Assessment (DPIA) regarding the protection of the personal data
  • Risk Treatment Plan (RTP) suggestions to counter the identified risks and/or reduce their impact
  • Suggestions for organizational and technical measures in order to achieve Regulation compliance
  • Advising on the drafting of the documentation that is mandatory for compliance with the Regulation (Codes of Conduct, concession forms etc.)
  • Executive Awareness Training regarding the Regulation requirements and the compliance process
  • Compliance Audits

 

ADVANTAGES OF SAMARAS & ASSOCIATES

  • Fluent knowledge of the Regulation and the deduced
  • Integrated treatment with the establishment of a fully staffed Project Team
  • Essential advisory support with specific – targeted solutions
  • Customised services with adjustment of methods and suggestions to the structure and the data of each customer


LOCATION

  • THESSALONIKI

  • 43 26th Oktovriou str., LIMANI CENTER

  • Postcode 546 27

  • ATHENS

  • 10 Panepistimiou str., Syntagma

  • Postcode 106 71
