TU Privacy (Legislative Decree 196/03), approved June 27, 2003, reiterated the obligation for all those who process data personal and sensitive information, including, without limitation, companies, organizations and professional firms, to comply with recent requirements for confidentiality and security, which represent the evolution of complex and detailed rules laid down in Act No 675/96.
The deadline for the adoption of such measures subject of minimum / adequate security and the preparation of the DPS (Document Security), has been extended to 31.12.2005.
The deadline for the adoption of such measures subject of minimum / adequate security and the preparation of the DPS (Document Security), has been extended to 31.12.2005.
For this reason it is necessary to establish within its structure gradually adapted and weighted, which will not remain a dead letter.
The owner of the company, therefore, will the obligation to analyze the possible risks related to loss / unlawful processing of data in paper and electronic format, to adopt the mandatory security measures (physical, logical and organizational), to adapt the structure to the reporting requirements (revision of existing contracts) , consent and appoint the figures provided by the Consolidated, where necessary, the preparation of the Security Policy Document.
not adapt it means incurring harsh penalties for both administrative and criminal nature, in addition to possible claims for damages - and moral - art. 2050 cc.
Kynetic thanks to a strong and proven partnership with the law firm Sisto of Salerno, for years engaged in the study and advice in this sensitive area, will:
> census and discrimination of company information (identification of common data, sensitive, semi-sensitive, treatment of particular relevance to the structure of the data easily retrievable or not, subjected to external transmission of data, etc..), for which will be issued a short opinion in oral form;
> structured analysis of risks relating to loss or corruption of data;
> notification and authorization to the processing of data (when necessary).
Implementation adaptation to the privacy policy will be accompanied by the preparation and issuance of a special regulations, a Document on Security in the drafting of a document defining the roles envisaged by Legislative Decree No. 196/03 (the controller, responsible for internal and external, system administrator, etc.)..
For more information: Via Vito Fornari Kynetic 52, Salerno 84131, tel. 0895226343 fax 0893867404 www.kynetic.it privacy@kynetic.it
0 comments:
Post a Comment