- Services within the scope of ensuring compliance of the processing of personal data with the requirements of the act on the protection of individuals with regard to the protection of personal data.
From 25 May 2018, the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) – hereinafter referred to as “the ARO”; – are in force. From this date on, the correct processing of personal data becomes a particularly important aspect of your business. Therefore, entrepreneurs are required to take the necessary measures to ensure that the new rules of the ROP are properly implemented in their organisation. To this end, steps should be taken to develop and implement appropriate organisational and technical measures and procedures to ensure the security of the personal data processed, including methods for their regular testing and evaluation of their effectiveness.
- Legal audit and compliance report:
The Law Firm provides consulting services in the field of assessing the compliance of personal data processing with the provisions of the Act on Personal Data Protection and ensuring the compliance of personal data processing in accordance with the requirements provided for in the RODO. The service includes conducting a legal audit and preparing and delivering an audit report on the compliance of personal data processing with the law and proper organization of information security, as well as containing necessary recommendations, guidelines and recommendations for adapting personal data processing to the provisions of the RODO..
The next, necessary stage is the implementation of processes and procedures for ensuring compliance of personal data processing with the RODO standard on the basis of the results of the completed audit and the solutions and recommendations contained in the report.
As part of the implementation, we provide services in the preparation of necessary documentation, including data processing security policy, register of processing and reporting violations, specimen clauses and consents for processing personal data together with information obligations, data processing outsourcing agreements and others.
It should be emphasized that we cooperate with IT specialists who deal with ensuring compliance of personal data processing with RODO in the scope of IT. On the basis of an audit completed with a report, procedures and appropriate technical measures are implemented. Depending on the entity, these measures may include, in particular, data encryption, the use of appropriate antivirus software, firewalls, incident monitoring systems and data processing security in the event of a failure of the information system.
In each case, the Law Firm recommends training of employees related to their duties in relation to the processing of personal data in accordance with RODO. Participation in trainings is important because the most common reason for violation of personal data protection is the so-called data leakage, caused by the human factor.