Data protection

The General Regulation on Data Protection: a challenge for public and private entities

The entry into force on 25 May 2016 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April on the protection of individuals with regard to the processing of personal data and the free movement of such data, which repeals Directive 95/46 / EC of 24 October 1995, poses a number of challenges to both public authorities and private entities and to all agents whose activities involve the processing of personal data.

Although the full implementation of the Regulation has been set for 25 May 2018, the date from which the repeal of Directive 95/46 / EC is also taken into account, the entry into force on 25 May 2016 dictates the need for adaptation in all aspects amended or introduced by the Regulation. These adaptations of the systems and models, as well as the practices of processing and protection of personal data of companies at the present date, are imperatives dictated by the Regulation in order to safeguard its full applicability on May 25, 2018.

Public and private entities should therefore introduce into their systems and practices all changes necessary to ensure the full compliance of the processing of the data they perform with the new provisions of the Regulation by May 25, 2018.

The Data Protection Legal Support Service comprises:

Training on the Regulation

Training of human resources as an instrument of excellence for the promotion of the development of human capital and in order to ensure that the human resources of the entity recognize the actions necessary for the conformity of the company’s performance with the new regime. This training service on the legal requirements and changes imposed by the General Data Protection Regulation on data processing aims to enable operators to prepare their human, legal and non-legal resources for the identification of internal needs and to plan and implement the tasks adequate to comply with the legal requirements applicable to them;

Situation Diagnosis

This service includes meetings with the Customer and its managers and employees or those responsible for the information systems, as well as audits of the systems in use in the processing of personal data, in order to identify needs as well as analysis and critical points and where measures to comply with the Regulation need to be implemented. The service includes the elaboration and provision to the Client of a detailed report, in order to allow it to make the adaptations that are appropriate for the full compliance with the General Regulation on Data Protection;

Monitoring of Data Processing Activities

The Customer’s follow-up service in the data processing activity is geared to responding to the needs of Clients during the implementation of the adaptation of the data processing systems to the Regulation and/or the subsequent moment, with the provision of a permanent service and personalized consulting services to monitor Customer’s activity, at a distance, through a communication channel specifically created for this purpose, or in person. The service may include follow-up audits. In the context of the monitoring service provided by BAS, support may also be provided to the controller, the subcontractor and the data protection officer.