Compliance with the General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) is European Union Regulation 2016/679 on the Protection of Individuals with regard to the Processing of Personal Data.

It has been in force since 25 May 2018 in Greece and sets stringent requirements for the collection, recording, storage, processing and protection of the personal data of the individuals with whom each organization interacts (eg employees, clients / servants etc).

The regulation concerns practically all private and public organizations, irrespective of size or field of activity (private and public enterprises, state authorities, local authorities, legal entities, non-profit NPOs, etc.). It lays down specific obligations to adopt measures and policies, institutionalize procedures and actively involve staff on personal data protection issues.

Implementation of the Regulation extends:
i. In each type of personal data processing
ii. In any kind of files, physical or electronic
iii. In file contents that may include, but not limited to, citizens / servants, staff (current and former), recruitment candidates, affiliates, suppliers, recipients of mailing lists, website visitors.

The Regulation provides for administrative fines of up to € 20 million for businesses or entities that do not comply with its requirements (eg in cases of violation of personal data, refusal of access of persons to their data, unauthorized international transfer of personal data, the necessary procedures provided by the Regulation, etc.). The draft law on "Protection of personal data in application of Regulation (EU) 2016/679" introduces additional civil and criminal penalties for the controllers, if specific breaches of personal data protection provisions are identified.

MENTORING SA has developed a standard methodology for complying with the requirements of the Regulation, FDC-GDPR (Framework for Demonstrable GDPR Compliance), which allows a holistic examination of all parameters that affect the processing of personal data in an organization and particularly:
- Business operations
- Policies and procedures
- Technological Systems
- Legal issues
- Infrastructure / Physical security

Mentoring SA is also ISO 9001:2015 Certified with Scope of Adaptation and Compliance Consulting Services to the requirements of the General Data Protection Regulation (GDPR).

For more information click here