EASYWAYPRIVACY

The perfect solution to automate and streamline the process of fulfilling the new eu regulation 679/2017

 EASYWAYPRIVACY is the perfect solution for all those companies that want to support actions to adapt to the requests of the Privacy Authority in a fluid and guided way.

Our service combines legal and technological analysis thanks to the synergic action of our Professional Services and an innovative software able to automate the creation and management and the roles and documents required by the GDPR.


 

GDPR and mandatory training: what to do?

Organize a specific training course for business users!

Article. 39 of the GDPR requires that the person in charge of the treatments must train all the personnel in charge of processing the data! Fulfill the guarantor’s requests and lower the level of risk of company data.

Maintain compliance in 4 simple steps

STEP 1: GAP ANALYSIS

This first step focuses on identifying in detail all the processing activities carried out by the client company, the types of data processed, and the related flows and the subjects involved in the processing. This type of activity will therefore involve the identification of the actions necessary to align with Regulation 679/2016. Once all the information identified within the EasywayPrivacy platform has been entered, a report will be automatically generated in which the data resulting from the Gap Analysis will be indicated. Furthermore, the necessary support will be provided for the preparation of the documentation requested by the GDPR with particular reference to the processing register, policies, guidelines and internal procedures.

STEP 2: SECURITY AUDIT

The purpose of the Audit step is to verify the security level of the corporate IT systems and to identify any weak points. To do this, security engineers carry out a specific external and internal discovery activity aimed at identifying and listing the systems that could contain personal data. After an automatic detection of the different systems, the systems / data not included in the processing register will be analysed with the client. The Vulnerability Assessment will then be conducted, which will have a simple and intuitive report as a final product, which will indicate: the census of the privacy data repositories (both structured and unstructured data); the critical factors and improvement objectives; intervention priorities; the countermeasures to be taken, the relative development times and the necessary resources.

STEP 3: CREATION OF AN ORGANIZATIONAL MODEL

This step enters into the core of the operations designed to fulfil the new Regulation 679/2016. Through using Easywayprivacy, the Data Protection Impact Assessment will be carried out for the data processing identified and analysed in the previous phases. The texts of the Group's information and consents for the processing of personal data will also be drafted or revised, as well as the tasks, appointments and data processing agreements of the Group to make them all compatible and compliant with the requirements requested by the Group, including the new mandatory group documentation. In this step, the preparation of guidelines on Data Protection by Design for the designing of new processes, products or services will be managed and documented.

STEP 4: DEFINITION OF COUNTERMEASURES

This step is directly dependent on the results obtained in the three previous steps. Focus moves to the actions necessary to minimize the level of risk present in the previously analysed assets. The remediation to be implemented will be discussed directly with the client company and the implementation plan will be drawn up by mutual agreement, also considering the reference corporate context.