The protection of personal data is currently perceived as a legislative obligation, which is mostly annoying and, especially in smaller companies, is perceived negatively. However, the current trend, especially in the field of information / cyber security incidents, puts this obligation in a completely different light and clearly points to the necessary need to protect personal data, whether your own, your family, friends, employees, etc. It is necessary to realize that the protection of personal data is not the completion of mandatory documents and records, but it is about a securely set technological environment, physical security and also about people’s knowledge of how to work with personal data.
Our goal in the implementation of GDPR is primarily to help the organization set up security processes and technologies, raise awareness of personal data protection – train people to understand what it is and especially why it is done and then process the documentation required by legislation. Then it all makes sense.
It is also necessary to be aware of the connection between GDPR and information security (ISMS) or the requirements of cyber law. In both information security and cyber law, personal data is defined as information assets and the whole standard or law defines requirements to ensure that their confidentiality, integrity or availability is not lost.
As part of our services, we provide services in the field of cyber security in accordance with the legislation at the level of:
- GDPR implementations
- basic documentation implementation
- detailed implementation of GDRP at the technical, process and documentation level
- GDPR consultations
- GDPR audits
- Provide of a responsible person (DPO)
More about legislative requirements can be found in the following links:
The Czech Republic