GDPR

The General Data Protection Regulation or GDPR is the European Union’s new law on the protection of personal data, applicable from the 25th of May 2018.

Its purpose is to create a single institutional framework for the processing of personal data in all EU Member States, establishing rules for the protection of individuals and the circulation of their personal data.
The General Data Protection Regulation (EU GDPR) applies to any organisation (private and public companies, government authorities, associations, etc.) that holds or processes personal data of European citizens, regardless of their nationality or place of residence.

Penalties for non-compliance with Regulation 2016/679:
Fines are assessed on a case-by-case basis and amount to 4% of the organisation’s global annual turnover or €20,000,000 (whichever is higher). There are also cases where a fine of 2% of the global annual turnover, or €10.000.000 (whichever is higher) is foreseen under Article 83 of the Regulation.

HBI supports your business in its efforts to comply with the GDPR regulation by providing the following services:

Existing Condition Diagnostic
Data mapping, Data Flow
Control of security weaknesses in IT infrastructures and online applications.
Identification and analysis of risks and gaps (Risk Assessment, Gap Analysis)
Conducting a Data Protection Impact Assessment, if required
Development – Revision of policies and procedures (Security Policies Privacy Policies) that document compliance with the requirements of the Regulation.
Test audits of systems and processes (GDPR Audit)
Preparation of the company for certification and verification of compliance under GDPR based on international standards such as ISO 27001 (optional).