THE NEW EUROPEAN PERSONAL DATA PROTECTION REGULATION (GDPR)
The purpose of the Regulation is to harmonize the legal framework for the protection of data privacy across Europe. Any natural or legal person (in both the public and private sectors), including businesses, public organizations and local authorities, that maintains and/or processes personal data must, from 25 May 2018, adapt its activities to a renewed and more stringent legal framework. Personal data may be any information relating to an identified or identifiable natural person. Processing means any operation involving personal data, such as collecting, storing, recording, modifying, retrieving, using, deleting or exporting. The new Regulation significantly increases a company's obligations regarding the management of personal data and, in cases of non-compliance, the size of the fines (up to 20 million euros or 4% of the turnover) places it very high on the daily agenda of each company's top management.
The GDPR compliance framework
Businesses and organizations must respect the basic principles of personal data protection and, to satisfy them, businesses must at least:
- take the necessary technical and organizational measures,
- create and update the processing registry,
- develop policies and procedures for the protection and security of personal data,
- appoint a Data Protection Officer,
- comply with codes of conduct or hold certificates proving their compliance with the Regulation.
KEK THEMELIO, a well-established organization in the field of professional education and specialization, supports organizations and businesses that manage, maintain and process personal data in order to adapt quickly to the requirements of the new European General Data Protection Regulation (known as GDPR).
- Organizing a training program
- Compliance preparation and support services for the operator / undertaking
Services are provided in two phases.
1. The first covers the actions that must be implemented in order to comply with the GDPR Regulation by 25/05/2018. In this context, and where organizations and businesses so wish, "KEK THEMELIO" contributes to their preparation for certification according to the international standard ISO 27001, while ensuring their compliance with the GDPR Regulation.
2. The second covers the follow-up support services provided to the organization under the GDPR Regulation.
Preparing for compliance
The services we implement to achieve compliance with the GDPR Regulation by 25/05/2018 are divided into 7 steps, as shown in the following graph.
Support Services & Data Protection Officer (DPO) for GDPR
In addition to training, our support services for the initial and subsequent compliance of the organization with the GDPR Regulation include, among others:
- Drafting of institutional texts (manuals, policy papers, etc.) and the procedures required to best maintain compliance with the Regulation
- Subsequently, support and training of the Enterprise / Organization personnel
- Constant information and counseling to the executives of the Organization
- Controlling the Implementation of Compliance Activities with the GDPR Regulation
- Oversight of the Incident Response Plan.
- Assessment and suggestion for appropriate security measures to protect personal data.
- Communicating, representing and cooperating with the Supervisory Authority on matters relating to the personal data of the Company / Organization
All consultants and technical experts participating in the Project Team have proven experience and training in Management Systems and special technical requirements related to these Standards and Regulations.
- Patras, Panepistimiou 369Α, Tel: 2610.453189 & Mob. 6948.259360.
- Agrinio, Galani 16-18, Tel: 26410.48101 & Mob. 6934.269672.