ΙΤ GDPR Consulting

You are here:

Home
Services
ΙΤ GDPR Consulting

What is it

IT GDPR Compliance is the service that, together with the GDPR Audit, prepares the IT department for the GDPR regulation.

As a result of IT GDPR Compliance, IT infrastructures and processes become compatible with the new regulation, while any points where there is not full compatibility for objective reasons or by the Organization’s choice, are recorded and known for future actions.

As of May 25, 2018, any organization that manages personal data of European citizens in any way must comply with the GDPR regulation.

In order for the organization to be compliant with the GDPR regulation it should:

1. To identify the personal data it stores and to identify the points that are stored and processed.
2. To establish the necessary corporate security policies in relation to the protection of personal data to record and implement the procedures required by the GDPR.
3. To protect the confidentiality, integrity and availability of personal data by technical means.

Services we provide

Computer Link Business Solutions, within the framework of this service, provides reliable consulting services so that information infrastructures and processes are compatible with the GDPR regulation.

More specifically, the points where personal data of European citizens are kept are identified and recorded, as well as their flows. The compliance of data storage, transfer and analysis access procedures with GDPR is ensured, as are the mechanisms to ensure data availability.

All the necessary procedures according to GDPR are drawn up, such as finding personal data, the deletion/forgetting process, the registration of proof of consent of the subjects, and the reaction in the event of an incident.

A Data Protection Impact Assessment is carried out and appropriate interventions/corrections or proposals are made to systems, infrastructure and applications, corporate processes and operations, employee behaviour, division of responsibilities and possible DPO appointment.

As a result of IT GDPR Consulting, computerized infrastructures and processes become compatible with the new regulation, while any points where there is no full compatibility for objective reasons or by the Organization’s choice, are recorded and known for future actions.

Compliance Actions

1. The points where personal data of European citizens are kept are identified and recorded, as well as their flows. 2. The compliance of the procedures for access, storage, transfer and analysis of the data with the GDPR is ensured, as are the mechanisms for ensuring the availability of the data. 3. All the necessary GDPR procedures are drawn up, such as finding the personal data, the deletion/forgetting process, the registration of proof of consent of the subjects and the reaction in the event of an incident. 4. A Privacy Impact Assessment is carried out. That is, the magnitude of the impact on people from any leakage or unavailability of their personal data is assessed. 5. Appropriate interventions/corrections or suggestions are made to systems, infrastructure and applications, as well as corporate processes and operations. 6. Suggestions for informing employees regarding the GDPR, the division of responsibilities and the possible appointment of a DPO.
2. The compliance of the procedures for access, storage, transfer and analysis of the data with the GDPR is ensured, as are the mechanisms for ensuring the availability of the data.
3. All the necessary GDPR procedures are drawn up, such as finding the personal data, the deletion/forgetting process, the registration of proof of consent of the subjects and the reaction in the event of an incident.
4. A Privacy Impact Assessment is carried out. That is, the magnitude of the impact on people from any leakage or unavailability of their personal data is assessed.
5. Appropriate interventions/corrections or suggestions are made to systems, infrastructure and applications, as well as corporate processes and operations.
6. Suggestions for informing employees regarding the GDPR, the division of responsibilities and the possible appointment of a DPO.

The main modules of the deliverables are

1. Recording and mapping the data.
2. Risk assessment (Data protection Impact Assessment – DPIA)
3. Analysis of the IT infrastructure and submission of proposals for improvement and compliance.
4. Gap Analysis.
5. Compliance Plan.
6. Legal contracts.
7. Creation of corporate policy.

Management Team

Τα στελέχη ομάδας εργασίας έργου GDPR compliance :

Project Manager
Has professional experience in the provision of auditing and consulting services.
IT Manager
Experienced in managing risk management and data assurance projects. In addition, he has Offensive Security Certified Professional (OSCP) certification and Information Security Management Systems (ISMS) Auditor / Lead Auditor.
Legal Manager
Experienced in consulting law on digital data and rights issues.
Data Protection Officer
Certified and experienced in ISO.

ΙΤ GDPR Consulting

What is it

1. To identify the personal data it stores and to identify the points that are stored and processed.

2. To establish the necessary corporate security policies in relation to the protection of personal data to record and implement the procedures required by the GDPR.

3. To protect the confidentiality, integrity and availability of personal data by technical means.

Services we provide

Compliance Actions

2. The compliance of the procedures for access, storage, transfer and analysis of the data with the GDPR is ensured, as are the mechanisms for ensuring the availability of the data.

3. All the necessary GDPR procedures are drawn up, such as finding the personal data, the deletion/forgetting process, the registration of proof of consent of the subjects and the reaction in the event of an incident.

4. A Privacy Impact Assessment is carried out. That is, the magnitude of the impact on people from any leakage or unavailability of their personal data is assessed.

5. Appropriate interventions/corrections or suggestions are made to systems, infrastructure and applications, as well as corporate processes and operations.

6. Suggestions for informing employees regarding the GDPR, the division of responsibilities and the possible appointment of a DPO.

The main modules of the deliverables are

1. Recording and mapping the data.

2. Risk assessment (Data protection Impact Assessment – DPIA)

3. Analysis of the IT infrastructure and submission of proposals for improvement and compliance.

4. Gap Analysis.

5. Compliance Plan.

6. Legal contracts.

7. Creation of corporate policy.

Management Team

Project Manager

IT Manager

Legal Manager

Data Protection Officer