THE REGULATION IN A NUTSHELL

THE NEW DATA PROTECTION REGULATION

On April 27, 2016, the European Parliament approved the General Data Protection Regulation (EU 2016/679), which repealed Directive 95/46/EC, and became enforceable on May 25, 2018.

WHO IS AFFECTED?

All public entities and companies that process classified data (sensitive, biometric, health, judicial, etc.), and/or that collect large amounts of personal data, are subject to the Regulation.

AIMS

Through the formulation of the GDPR, the European Union aimed at harmonizing the laws of individual countries and consolidating the right of its citizens to data protection.

 

WHAT HAPPENS IN THE EVENT OF A DATA BREACH?

Violation Occurred (Data Breach)

The Data Protection Authority requires the communication of all cases in which there is loss, destruction or improper dissemination of stored, transmitted or processed personal data (as a result of computer attacks, unauthorized access or accidents).

Notifying the Data Protection Authority

The data controller must notify the Data Protection Authority of a data breach without delay – if possible within 72 hours from the time a breach is discovered. If there is a delay, the notification must be accompanied by a documented justification.

Notifying the Interested Parties

The data controller will also be required to notify any interested party of any violation of his/her personal data (data breach notification).

Sanctions

Any sanctions levied against a breached company must be effective, proportionate and dissuasive, taking into account the nature, gravity and duration of the violation, as well as any willful or negligent behavior contributing to the offense. The Data Protection Authority can issue fines of up to €20 million or 4% of global annual turnover.


WHAT MEASURES TO TAKE

Based on what’s indicated in Article 32, and considering the principles of confidentiality and integrity, as well as the availability of data, we can identify technical measures to help limit the risks associated with any possible violations.

Log Management and Access Monitoring

Collection of logs, in compliance with regulations, along with proactive monitoring of the privileged activities of IT administrators.

 

Database Auditing and Encryption

Partial or full encryption of databases and related backups containing sensitive data. Definition of access policies and the monitoring of any activities carried out on these databases.

Full-Disk and File Encryption

Encryption of disks and files containing confidential data regardless of their location – local or removable disks, network shares, cloud storage – and regardless of the device used.

 

Information Management on the Go

Control of mobile devices – corporate and private (BYOD), smartphones and tablets – and management of any content exchanged through corporate mail or cloud storage services.

What If Some Encrypted Data is Stolen From Me?

If the Data Protection Officer is able to demonstrate that the stolen data was encrypted, it is possible to avoid notifying the interested parties of the data breach and, subject to evaluation by the Data Protection Authority, you will not incur administrative penalties.

HOW WE CAN HELP

Our experts have successfully selected and applied a series of methodologies and technical solutions that allow you to raise the security level of your corporate information assets.

Our Privacy Compliance Competence Center is at your disposal to:

  • explain the requirements of the regulations
  • carry out an assessment of your compliance level and identify any new measures to be implemented
  • train your staff on best-practice security measures, compliance, and prevention through remote and classroom-based courses
  • support your company in applying the appropriate technical countermeasures.
