GDPR Compliance Solutions

-


The General Data Protection Regulation 2016/679 (GDPR) was passed on 27 April 2016 and is mandatory for all Member States of the European Union since 25 May 2018, creating a single legal framework without the need for national legislation and by deleting existing legislation. The new regulation significantly increases the obligations of businesses, and the size of the fines are set too high on the top management agenda. Object of the General Regulation 2016/679: The establishment of a single legal framework for the processing of personal data in the Member States of the European Union, which sets out a series of restrictions and new obligations on businesses regarding:

  • The processing of personal data throughout its life cycle, from collection to destruction 
  • Transferability to other countries 
  • Protecting the rights of individuals 
  • Security (privacy, integrity, availability) of personal data 
  • The disclosure actions that the business should do in the event of a violation 

In the event of a breach, substantial increased fines are foreseen, which, depending on the breach's type and size, reach up to EUR 20 million or 4% of world annual turnover.

Who is concerned? All private and public enterprises and government authorities that in any way collect, process and generally manage customer personal data, related to their customers, employees, associates or other individuals. As a result, the new regulation applies practically to all businesses, inside and outside the European Union, as long as the data concern European citizens.

Obligations that arise. Companies and organizations subject to compliance should:

  • To follow the basic principles of personal data protection, to collect the personal data for a specific legitimate purpose and only those that are necessary 
  • Do not make them further processed in a way that is incompatible with the purpose 
  • To store them for the shortest possible period of time, to receive - where appropriate - the free and explicit consent of natural persons 
  • Transferring them to non-EU countries only under certain conditions, to give access to personal data to their partners only under specific circumstances and if they prove their compliance with the new regulation 
  • Develop electronic tools for timely and free response to requests for: withdrawal of consent, access to data, correction of data, deletion of data, limitation of processing, delivery of data in electronic form, transfer of data to another organization 
  • Communicate appropriately and in a timely manner to natural persons their rights to ensure the security of personal data throughout their life cycle, 
  • Keep records and notify any violation of the data within 72 hours to the Data Protection Authority and to natural persons with direct information or public notice 
  • Prove that they comply with all the requirements of the Regulation. 

Problems to be addressed. Businesses and organizations subject to compliance with the Regulation have the following problems under the new regulation:

  • Precise knowledge of what data they collect and process at each stage of their activities, who they are involved with and with which tools and procedures 
  • Accurate definition and separation of business needs to ensure that all the required consent of the subject is ensured and no redundancy is processed 
  • Systematic control to meet the requirements of the Regulation at each stage of data processing 
  • Assessing risks that may lead to violation of personal data, resulting in severe financial penalties and impact on corporate reputation 
  • Getting effective digital - using artificial intelligence - to mitigate the risk of breaches of the regulation, without compromising the business priorities of the business. 

Services we offer. We have formed a working group and with our experience in providing integrated services to small, medium, large companies and organizations in Greece and Cyprus we support you with the following services:

  • Diagnosing and mapping the level of compliance with the new regulation by creating a processing activity archive 
  • Privacy Impact Assessment on data protection to identify the most important risks 
  • Proposed Compliance Plan, support and guidance in their implementation for holistic compliance 
  • Development of policies and procedures for the protection of personal data, in a complete system 

Contact for more information: skassios(at)gmail.com

Σχόλια

Δημοσίευση σχολίου

Δημοφιλείς αναρτήσεις από αυτό το ιστολόγιο

Interview with Sergali Adilbekov, founder of Swiss Social

-
Εικόνα
Please introduce yourself to the readers of this blog and update us on your latest ventures. My name is Sergali, I am originally from Kazakhstan, educated in the USA, and now living in Switzerland. My career brought to many different industries such as private equity, agricultural and construction equipment, all vertical chain of oil & gas businesses, and accumulating many social contacts through work and travel I decided to start a few social initiatives that would let me share interesting things among the people that I know and offer them a platform to network with each other at a cardinally new high-quality level. That's when I started my two latest ventures - I'm the Founder & Curator of TEDxLugano conference and the Founder & Owner of Swiss Social networking club. The goal and purpose of Greek Social Network Club and introduction to the wider global organization?  Greek Social is one of the daughter projects of Swiss Social (that became quite viral a
Διαβάστε περισσότερα

My new article published in Naftemporiki newspaper

-
Εικόνα
December 6, 2023: Naftemporiki major business newspaper in Greece, published my new article “ Οι παγίδες της επενδυτικής βαθμίδας “. Welcome to read it and please share with your network: https://www.naftemporiki.gr/afieromata/the-n-society/1544203/oi-pagides-tis-ependytikis-vathmidas/ If you examine the matrix above, Greece still has a long way to go before receiving higher investment grade status from S&P, Moody’s and Fitch. The country needs to move in 2024 from BBB higher up with executing important political & economic reforms that need to take place before further receiving investment upgrades. –Efstathios Kassios www.skassios.com 
Διαβάστε περισσότερα

My conversation with an AI Chatbot

-
Εικόνα
Dear readers, I recently had an interesting short “conversation” with an AI chatbot. Here’s an excerpt from the conversation including a simple graph generated by the AI chatbot itself: -Efstathios Kassios : Can you compare and visualize Human Intelligence to Artificial Intelligence in a simple graph with your current knowledge? -AI Chatbot : Comparing human intelligence with AI intelligence in a graph is a complex task, as intelligence is a multifaceted concept with various dimensions. Nevertheless, here’s a simplified representation that considers certain aspects: In this basic visual representation: -The vertical axis represents the  level of intelligence . -The horizontal axis represents  time . The graph suggests that AI intelligence, depending on the specific task and domain,  may surpass human intelligence  in certain areas over time. However, it’s crucial to note that human intelligence is complex, encompassing emotional, social, and creative aspects that current AI systems oft
Διαβάστε περισσότερα