GDPR: 10 rules to achieve and maintain compliance


The imminent entry into force of European legislation on the management and protection of personal data requires companies to:

  • identify the organizational areas affected by the new legislation;
  • verify their governance rules;
  • identify the level of data security in the different business processes;
  • intervene, where necessary, with organizational changes or new technological solutions adequate to the identified risk.

Starting from international best practices, here is WHAT TO DO to achieve and maintain compliance:

1. Identification of the nature of the processed data and the scope, context and purpose of the processing;
2. Analysis of the corporate organizational model;
3. Identification of the processing operations performed and to be implemented (new business);
4. Census of assets in paper and digital format;
5. As-is analysis with respect to the privacy system and Legislative Decree 196/03;
6. Data inventory, discovery and classification;
7. Risk assessment;
8. Identification of compliance level;
9. Definition of action plan;
10. Adoption of organizational and technological measures to ensure a level of security adequate to the risk.


For a closer look at HOW TO DO it, download the in-depth document on the assessment and action plan HERE.
