Let’s try to shed some light on the topic of privacy .
Legislative Decree 196 of 2003 “Personal Data Protection Code” or “Consolidated Law on Privacy” is the law that came into force on 1 January 2004.
This text already expanded the Italian legislative path on personal data, which was still at Law 675/96.
With the arrival of EU Regulation 2016/679, relating to the protection of natural persons with reference to the processing of personal data, as well as the free circulation of the same, a further leap forward has been made.
The GDPR ( General Data Protection Regulation ) has been published in the Official Journal, becoming effective and applicable from 25 May 2018 , a fateful date from which alignment with the provisions provided by the new law must be guaranteed.
Anyone who processes personal data (collection, processing, transfer, etc.) must ensure that it is protected from any illicit use and is therefore required to comply with a set of legislative provisions.
It is necessary to protect all personal data, namely
“any information relating to an identified or identifiable natural person”: the name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person” (art. 4)
Data protection, therefore, becomes a determining factor.
Data is “an asset” that must be safeguarded and the data controller becomes the main person responsible for it (together with the external figures to whom the data is transferred) and therefore must demonstrate that he has assessed the related risks by adopting all the technical and organizational measures necessary to guarantee its protection and correct management (e.g. processing only the data necessary for its purposes and limiting access to authorized persons only).
It becomes essential that the entire data management process (from collection to destruction) is lawful, transparent, secure, that is, it keeps the information confidential, intact, available, and at the disposal of the interested party (who can always request its delivery and/or deletion).
Gruppo Sicurezza Ambiente provides targeted consultancy and assistance to entrepreneurs and professionals to verify that regulatory aspects are respected, regularly applied and understood, including in the field of personal data protection legislation.