GDPR - Technological and legal assessment Data Protection Officer as a service Legal and IT advice on GDPR Consulting support for communications to the Italian Garante della Privacy

GDPR - Technological and legal assessment

GDPR

The data protection impact assessment "or" Data Protection Impact Assessment "" DPIA "is a process aimed at describing a processing of personal data, assessing its necessity and proportionality, as well as managing any risks to rights and freedom of natural persons deriving from it, carrying out an assessment of the level of risk and determining the appropriate measures to mitigate it.

The DPIA is an essential and fundamental tool for all data controllers and processors, in order to implement the new approach to the protection of personal data contained in the General Data Protection Regulation GDPR on the principle of accountability.

GDPR

How can we help you?

We work to define with you the Data Protection Impact Assessment for correct data management from a technological and legal point of view. Our experts are PECB certified Data Protection Officers and will verify the correct processing of data by producing all the necessary documentation for GDPR purposes. We will work with you or provide you with a work team to make your organization GDPR compliant.

Data Protection Officer DPO “As a Service”

GDPR

The Data Protection Officer (DPO) is a figure who guarantees organizations compliance with the GDPR legislation. It must act by proposing solutions regarding data protection practices and have general ownership of the data processing activities.

For some organizations it is mandatory to have an appointed DPO, but it is almost always recommended to have such a person.

What are the main activities that the DPO carries out?

  • Defines and maintains an annual plan for data protection
  • It carries out activities in the organization such as: staff training, the creation and maintenance of data inventory and records of processing activities, as well as planning processes
  • Informs and advises the customer on privacy and the best data protection for the organization
  • Check for compliance
  • Provides advice on the conduct of DPIA (Data Protection Impact Assessment)
  • Collaborate with supervisory authorities
  • Serves as a contact point for supervisory authorities
GDPR

How can we help you?

Did you know that the General Data Protection Regulation (GDPR) allows organizations to outsource the role of data protection officer? Michael Slim International's DPO As a Service allows your organization to outsource the role of DPO. The outsourced DPO performs the activities described in the GDPR allowing you to achieve the desired level of compliance. Our DPO as a Service is an all-inclusive data protection and privacy service that is not limited only to the tasks and responsibilities of the GDPR. The service includes an annual data protection plan to define all the steps to achieve the desired level of compliance.

Legal and IT advice on GDPR

GDPR

Legal and IT consultancy is the basis of a good implementation of a GDPR system for any organization.

The use of correct legal technical consultancy skills define success and correct compliance with the GDPR and avoids heavy economic sanctions imposed by the Privacy Guarantor that amount to up to 4% of the organization's total turnover.

GDPR

How can we help you?

Michael Slim International offers technical and legal advice through its lawyers and IT consultants of its organizational structure. In particular, we manage IT / legal projects for compliance with the General Data Protection Regulation GDPR.
Our consultancy is developed according to a project divided into 4 macro phases:
1. Gap Analysis: analysis of the status of your company / organization and detection of any technical and regulatory gaps
2. Project Definition - Definition of the project and the GANTT project plan
3. Implementation - Implementation and adaptation of the areas of intervention identified
4. Maintenance - Maintenance and preservation of GDPR solutions

Consulting support for communications to the Italian Garante della Privacy

GDPR

There are various ways to interact with the Privacy Guarantor and all require particular methods, presentation times, preliminary checks and much more.
For example, remember the Data Breach "as a security breach that involves - accidentally or illegally - the destruction, loss, modification, unauthorized disclosure or access to personal data transmitted, stored or otherwise processed. A breach of personal data can compromise the confidentiality, integrity or availability of personal data "(source: Privacy Guarantor).

The complaint to the Guarantor is a detailed act which represents a violation of the relevant legislation on the protection of personal data (article 77 of EU Regulation 679/2016) and articles from 140-bis to 143 of the Code.

GDPR

How can we help you?

The above examples provide for the activation of communication channels with the Guarantor or specific communications in pre-established methods and times.
Michael Slim International carries out these activities on your behalf while maintaining all necessary safeguards and verifications.