SECURITY
MANAGEMENT

GDPR Consulting

Since May 25, 2018, every organization handling personal data of European citizens in any way, is obligated to comply with the GDPR regulation.

In order for the organization to be GDPR compliant, it should:

  • Identify the personal data it processes and the points where they are stored and used.
  • Establish the necessary security policies for the protection of personal data and record and implement the required GDPR procedures.
  • Protect the confidentiality, integrity and availability of personal data by technical means.

SIMA Security provides reliable consulting services to ensure compliance of information infrastructure and processes with the GDPR regulation. Specifically, points where personal data of European citizens are held, as well as their flows, are identified and recorded. Additionally, compliance with access, storage, transfer, and analysis procedures of data according to GDPR is ensured, along with data availability.

Moreover, all required procedures are drafted according to GDPR, such as identifying personal data, their deletion/oblivion, recording consent of subjects, and the reaction in the event of an incident.

A Data Protection Impact Assessment is carried out and appropriate interventions /corrections or proposals are made in systems, infrastructure, applications, corporate processes and operations, employee behavior, division of responsibilities and potential appointment of a Data Protection Officer (DPO).

As a result of IT GDPR Consulting, the information technology infrastructure and processes become compatible with the new regulation, while any points of non-compliance are recorded for future resolution.

Benefits
for the company