All Information Technologies, and consequently all the business sectors, will have to provide all the necessary measures to comply with new requisites and legal prescription derived from the European Directive 95/46 then ratified as GDPR (General Data Protection Regulation).
We provide private and public company and organization with all the technical, legal and governance knowledgement which is essential to achieve a complete Privacy System based on Risk Management and Security Readiness.
Risk Analysis â€“ Based on a preliminary check of all the business processes, we shall formalize a Risk Analysis Document suitable for the audit and a continual monitoring of defense measures and IDS/IPS services for anti-intrusion methodologies.
Privacy & DP â€“ A complete documentation of the Privacy System will be implemented for all the business functions implied on the personal data treatment according to Data Retention, Data Theft Prevention and Secure Data Storage activities. Al the manuals, the procedures and the registration of the Privacy System will also comply and integrate with Italian legislative Decree 231/01; simultaneously, we shall provide Data Protection Officer SOPs and either SLA and PLA services for the Joint Controllers (or external Data Processors).
Data Center Cloud Migration â€“ The un-relinquishable technological revolution imposed by the Cloud Computing (CC), will strongly influence the Data protection systems. The CC is certainly a great opportunity of improving performance of ICT departments and still saving times and costs, yet the migration from the on premises Data Center and the CC hypervisors environment needs to be carefully assisted. The adequacy of a technological plan is critical and we provide all the mission critical competences as technological partners to achieve goals and avoid dangerous consequences for the business.
SLA, PLA & BCR â€“ In the future, the business will increasing depend on the external IT services providers. These commercial interactions will have to pose stringent Binding Corporate Rules (BCR), Privacy LevelÂ Agreement (PLA) and strong Service Level Agreement (SLA) to protect the business. We shall provide all the support required by these duties.
Data Retention â€“ the Data Retention is an incumbent duty related to GRC in ICT world as well for the legal aspects. It is mandatory that System and DB Administrators setup credible, effective and documented procedures to guarantee congruous periods for life cycle of the business data. All processes need to be associated with not perishable and automated log evidence of adequate measures for data treatment, including de-materialization and sound digital erasure for historical information that have passed finality and pertinence constraint as defined by company policy.