The New Regulatory Framework.

The European Commission has adopted a new framework for the Protection and Management of Personal Data (Regulation 2016/679, Directive 2016/680) which aims to offer EU residents a controlled processing of their personal data and to simplify the regulatory environment for international business.



What is Personal Data?

Personal data is any information that refers to or describes an individual/subject.

Who concerns the new Regulatory Framework?
It concerns all businesses that (a) process data of EU residents, (b) export personal data outside the EU.
*Policy procedures vary from one Member State to another.
Advantages of Compliance.

A. The use of data in a transparent and privacy-friendly manner, will work for compliant companies as a competitive advantage over companies that will not embrace the new regulatory framework, allowing the former to expand their customer base, collect more data and build the trust of their customer.

B. Adopting good data processing practices, could help companies avoid damaging the reputation of their trademark.

C. Putting more money for complying with data protection and working on better guidelines and policies for data protection in the company, could improve the company's attitude to cyber security.

The cost of non-compliance. 
The local Data Protection Authority monitors compliance with the regulatory framework (their work is coordinated at EU level). The cost of violating the rules may be high.
Effective Date - More information:
According to the European Commission, since May 2018, companies are required to apply New stricter rules for the Protection of Individuals, regarding the Processing of Personal Data (Regulation 2016/679, Directive 2016/680).

For more information on EU law: http://ec.europa.eu/justice/data-protection/

·         Data Protection Bodies http://ec.europa.eu/justice/data-protection/bodies

·         Hellenic Independent Personal Data Protection Authority: www.dpa.gr

Personal data and their management. Who else? ICAP. 
The company that has been managing sensitive information for 50+ years.
In preparation for the implementation of the new regulation, ICAP Management Consulting is your Business Selection Partner to identify, assess, develop and implement your company's compliance framework, offering a multi-level "end 2 end", portfolio of services:

1. GDPR Health-Check Service:
an immediate and fast assessment of the compliance level in order to help the organization verify the basic and main requirements of the new GDPR regulation and to decide precisely on the scope and type of interventions and implementations that it needs to invest

2. GDPR Assessment Service:
the compliance gap analysis will provide the difference between the desired and actual level of compliance against GDPR. For each point of deviation from the requirements, the proposed remediation actions will be listed as well. The identified implementation actions will be the base for the compliance roadmap.

3. End2End GDPR Readiness Service:
a holistic approach of thoroughly analyzing and evaluating existing protection mechanisms against the requirements of the new GDPR regulation. The service is not limited to the necessary assessment and verification of compliance deviations, but goes on to develop basic protection mechanisms for the processing of personal data where this is required.

4. Ad-Hoc GDPR Services:
in cases where an organization is interested in specific, specialized, GDPR services, a flexible (Ad-Hoc GDPR Services) framework has been designed to serve specific areas of compliance and regulatory requirements. Indicatively, but not limited to, ad-hoc services may include:

·         Design and Development of Safety and Security Policies and Procedures for processing personal data (eg Security Incident Management, Collection of personal data, preservation of personal data, Complaints Management, etc.)
·         Design, Development and Documentation of Records of Processing personal data
·         Methodology Design & Impact Assessment of processing personal data
·         Checking legal documents, formal declarations of subjects
·         Control of the legal and operational framework of cooperation with external providers
·         Organizing and periodic checking of GDPR Compliance of External Partners
·         Organization and implementation of staff training programs

5. DPO as a Service: 
this service enables organizations to comply with the regulatory requirement to designate a DPO, by assigning the role to ICAP qualified and experienced executives, with simultaneous creation and official documentation of the operating framework and reporting between the ICAP Organization and the domestic independent Data Protection

6. Implementation of technological solutions: 
the discovery, design and implementation of the necessary technological solutions. We cooperate with leading technology and software vendors and in cooperation with our customers, we move on to improve IT systems or introduce technological solutions that are identified by the GDPR Assessment Service. 

For further information, please call: 210 7200117, e-mail: This email address is being protected from spambots. You need JavaScript enabled to view it.

About us

ICAP Group – with 1.300 employees – is the largest Business Information and Management Consulting Group in Greece, with a strong presence in Southeastern Europe.

At ICAP Consultants, our vision is to become the recognized regional leader in Business Consulting enabled by Technology and Business Analytics. Our strategy relies on uniquely combining a superior industry-focused business consultative approach, consumer & business data, analytics and data integration technology solutions. Our unique and innovative solutions differentiate our customers and provide them a competitive advantage.

Follow us

icon facebook64 icon linkedin64 FB64 icon email

Discover More

Send a Question or Request