Assessment
Assessment and design phase
The assessment phase allows you to design adequate data governance.
The firm offers the possibility of carrying out an in-depth analysis of company processes (Gap Analysis), in order to highlight both the critical issues and the shortcomings in the processing of personal data.
Our Privacy team will take care of:
- Define the main treatments carried out and evaluate the conditions of lawfulness; Assess the presence of organizational procedures suitable to guarantee compliance with EU Regulation 679/2016 at least for the main processing activities; Evaluate the IT infrastructure and the IT security requirements adopted.
The outcome of the Gap Analysis guarantees complete knowledge of the company context.
Starting from the results of the assessment it is possible to determine the actions necessary for company compliance with the provisions of the Regulation (e.g.: Mapping of Processing and the related Register of Processing Activities).
The Privacy team will establish a detailed action plan to achieve full compliance, namely:
- Letters of appointment of the reference figures; Management of the video surveillance system; Privacy information and consent forms; Specific document formats for the management of IT and technological resources (Change of password, periodic checks, wifi network access, etc.); Definition and correct compilation of the data processing register of the Data Controller and of the person responsible for processing personal data; Definitions of the organizational charts and policies on the use of IT tools; Definition of the Privacy Organizational Model (MOP).
