What is the GDPR?
What is the GDPR?
At the end of a process lasting more than four years, on 4 May 2016 the definitive text of the EU Regulation (2016/679) concerning the protection of individuals with regard to the processing of personal data and the free movement of themselves, also called GDPR (General Data Protection Regulation). It is a candidate to become the regulatory benchmark for each EU Member State, effectively opening up a completely new privacy scenario.
It goes without saying that an instrument of such recent realization is still unclear or even unknown to the Italian corporate landscape. This is where we intervene: we intend to offer and offer our help through a series of GDPR consulting services, which act as support for companies, in Bologna and beyond, which intend to implement the new EU legislation on the General Data Protection Regulation.
But what changes substantially with the advent of the GDPR? The General Data Protection Regulation contains, together with some confirmations of elements already known in the field of personal data protection, numerous novelties: just think of the introduction of principles such as accountability or the new parameters related to privacy by design and privacy by default ; and, furthermore, to the introduction of the registers of the treatments paid by the owners. Not to mention the need for a different approach to data protection, no longer "perched" on the indispensable minimum but proactively aimed at suitable and adequate measures, case by case.
The introduction of the GDPR also implies a significant increase in risks and responsibilities, both of a civil nature (the liability regime changes in the event of damage caused by the processing of personal data) and of an administrative-pecuniary nature; as is now known to the majority, there is a risk of penalties of up to 20,000,000 euros or even up to 4% of worldwide annual turnover.
The complexity of the matter relating to the General Data Protection Regulation can be correctly addressed by relying on our GDPR consulting services and our subject matter experts.
The deadline for implementation and full application of the GDPR is set for May 25, 2018.
Given then that the principle of accountability prevails, according to which everyone will be free to assume their own responsibilities (the concept of "self-empowerment" is actually the true criterion inspiring the new discipline contained in the GDPR), we have tried to decline the by creating a GDPR consultancy service, placing ourselves (as we always do) in the same condition as our client that we will support, in whole or in part, along this path.
Another aspect to clarify is that there is no Italian GDPR, but only a European GDPR, even if accompanied by Italian guidelines.
There are many questions that organizations are posing:
- GDPR what to do?
- GDPR what changes?
- GDPR in summary
- GDPR privacy: but is this still privacy?
- I would like to have a GDPR software to figure out what to do
- GDPR Sanctions: But Are They True?
We believe that this novelty introduced by GDPR legislation should always be seen as an opportunity rather than as a threat.
Security and privacy must always be important, not just when they touch us; our GDPR consulting services also aim to create awareness about the importance and value of the concept of privacy.