Description

Sernet’s Privacy Business Unit offers consultancy services to companies to ensure compliance with European Union Regulation no. 679/2016 regarding the protection of personal data (known as GDPR), to Legislative Decree 196/2003 and subsequent amendments (Privacy Code) and to the various Provisions of the Data Protection Authority. The objective of the Privacy Business Unit is to support companies in the process to be compliant to current regulations, following a methodology and using support tools developed by SERNET with the support of its Legal Advisors.

Main Activies

Sernet S.p.A. has set up, years ago, a Privacy Competence Center which adopts an inter-functional approach, open to the contributions of a qualified Network of Privacy specialists in the methodological, organizational, technological and regulatory fields.The Privacy Competence Center ensures the development and updating of solutions to meet the requirements of the GDPR, the Privacy Code and the Provisions of the Data Protection Authority, monitoring the regulatory evolution and applying the best market practices, derived from the International Standards dedicated to information security and personal data protection (e.g. ISO 27001 relating to the implementation of management systems for the protection of personal data, ISO 27018 for the management of personal data by Cloud Service Providers, ISO 27701 relating to implementation of management systems for the protection of personal data, UNI 11697 for the identification of professional profiles relating to the processing and protection of personal data, etc.).Sernet’s Privacy Business Unit, since 2016, has dealt with the issue of adopting European Union Regulation no. 679/2016 regarding the protection of personal data, proposing a specific methodology for planning and implementing the fulfilments required by the regulation, promoted through Workshops, Webinars and carrying out specific projects for important companies in various industries (e.g. ICT services, insurance brokerage, outsourcing of insurance services, trade and distribution, publishing, hospitality, etc.).Sernet’s consultants develop and provide training sessions on privacy and information security within professional associations (e.g. AIEA, CLUSIT, CLUB TI, ASSINTEL, ASSEPRIM, etc.) and for important training company (e.g. IPSOA). The Data Protection Management System realized by Sernet’s consultants includes a GDPR Management System manual, procedures, document templates and supporting tools for risk analysis, data protection impact assessment, etc.

Main Activies

Sernet S.p.A. has set up, years ago, a Privacy Competence Center which adopts an inter-functional approach, open to the contributions of a qualified Network of Privacy specialists in the methodological, organizational, technological and regulatory fields.The Privacy Competence Center ensures the development and updating of solutions to meet the requirements of the GDPR, the Privacy Code and the Provisions of the Data Protection Authority, monitoring the regulatory evolution and applying the best market practices, derived from the International Standards dedicated to information security and personal data protection (e.g. ISO 27001 relating to the implementation of management systems for the protection of personal data, ISO 27018 for the management of personal data by Cloud Service Providers, ISO 27701 relating to implementation of management systems for the protection of personal data, UNI 11697 for the identification of professional profiles relating to the processing and protection of personal data, etc.).Sernet’s Privacy Business Unit, since 2016, has dealt with the issue of adopting European Union Regulation no. 679/2016 regarding the protection of personal data, proposing a specific methodology for planning and implementing the fulfilments required by the regulation, promoted through Workshops, Webinars and carrying out specific projects for important companies in various industries (e.g. ICT services, insurance brokerage, outsourcing of insurance services, trade and distribution, publishing, hospitality, etc.).Sernet’s consultants develop and provide training sessions on privacy and information security within professional associations (e.g. AIEA, CLUSIT, CLUB TI, ASSINTEL, ASSEPRIM, etc.) and for important training company (e.g. IPSOA). The Data Protection Management System realized by Sernet’s consultants includes a GDPR Management System manual, procedures, document templates and supporting tools for risk analysis, data protection impact assessment, etc.

Know-How

Sernet’s team of the Privacy Business Unit:·

Has a long experience in the field, acquired since 2003 through many Privacy projects for numerous national and international companies, belonging to various industries;·

It benefits from the support of Legal Advisors with many years of qualified experiences managing the Privacy issues in large companies;·

Designs and delivers training sessions within the projects carried out, for professional association members (eg AIEA, CLUSIT, CLUB TI, ASSINTEL, ASSEPRIM, etc.), for important training institutions (e.g. IPSOA), and for market development (e.g. Workshops and information Webinars carried out since 2016);Sernet SpA has been enabled by an independent and multidisciplinary Evaluation Committee to act as a Data Protection Officer (DPO) for many companies associated with ASSINTEL.Furthermore, Sernet plays the role of Data Protection Officer (DPO), as a legal entity, for two major Italian publishing companies, thanks to the contribution of consultants certified according to the UNI 11697 Standard.