It is important to harmonize the company's various regulatory compliance obligations, including Legislative Decree 231/2001, GDPR and quality, in a legal and economic context as dynamic and complex as the current one. The risk of sanctions must be eliminated and a corporate culture inspired by the law must be promoted.
In this perspective, Studio Eidos, relying on its experience and training, offers companies a harmonization of the internal procedural framework to increase its efficiency. Legislative Decree 231/2001, the privacy legislation relating to the GDPR and the ISO systems for quality are some examples that help to understand the complexity that must be managed.
General Data Protection Regulation
It is a regulation on the protection of personal data, a right recognized for every natural person by the Charter of Fundamental Rights of the EU and by the Treaty on the Functioning of the EU. In practice, the processing of information concerning individuals must be a "service to man", and the right to the protection of data concerning the individual must have a social function. Consequently, more detailed regulation is needed on the rights of personal data holders and on the obligations of those who determine and carry out the service.
Thus, Studio Eidos will deal with:
- preliminary analysis of the business context with evaluation of processing operations and related assets;
- identification and analysis of the subjects involved in the data processing operations: employees, those responsible for the processing, the owner of the same, and designation of an RPD-DPO;
- analysis of the risks and of the safety measures adopted;
- adoption of suitable technical and organizational measures to guarantee the security of the processing;
- data protection impact assessment whenever the use of new technologies is required;
- training of employees.
D. Lgs. 231/2001
Legislative Decree 231/2001 establishes the administrative liability of Entities for crimes committed by individuals within the Organization, unless the Entity proves that it has effectively adopted an Organizational, Management and Control Model. A Company that does not comply with the provisions of the Decree risks having to answer for the offenses committed by its managers and employees, exposing itself to the application, even as a precautionary measure, of disqualification and pecuniary sanctions, with heavy repercussions on the survival of the Company itself.
However, in most companies, compliance pursuant to Legislative Decree 231/2001 is seen as a mere formal fulfillment which risks hindering company operations. Thanks to the strong knowledge of the dynamics that govern the Company System, Studio Eidos is able to support you in the development of an Organization, Management and Control Model in full compliance with the market strategies and the operational needs of your Company. With the aim of making the Organizational Model a tool for involving personnel and promoting a corporate culture inspired by legality, Studio Eidos supports your company in the following:
- risk analysis (Risk Map) and guidelines for reviewing the organizational model (Gap Analysis) - Risk Assessment;
- elaboration of corporate procedures compliant with the principles indicated in the Organizational Model;
- preparation of an adequate internal control structure;
- provision of training to company personnel on issues related to Legislative Decree 231/2001.
Thanks to its experience and know-how, Studio Eidos aims to transform the obligations deriving from compliance with Legislative Decree 231/2001 into opportunities for improvement and growth for your company:
- Development of an organization, management and control model pursuant to Legislative Decree 231/2001 which takes into account the company's characteristics.
- Preparation of a system of internal protocols compliant with the principles of the Organizational Model to identify roles, responsibilities, timing and output for each process.
- Development of a control structure for the application of the organizational model implemented.
- Periodic training of company personnel on issues related to Legislative Decree 231/2001 and GDPR.
To ensure that certification is not simply the attainment of a document to be shown to customers, but a powerful support tool for standardizing company processes through procedures and instructions, Studio Eidos is able both to implement checks on existing quality systems and certificates and, potentially, to accompany you in obtaining the certification of conformity according to the reference ISO standards (e.g. ISO 9001), through customized interventions with precise targets for timing and costs.
- UNI EN ISO 9001: Certification and maintenance of Quality Management Systems
- OHSAS 18001: Certification and maintenance of Safety Management Systems
- UNI EN ISO 14001 - EMAS: Certification and maintenance of Environmental Management Systems
- SA 8000: Ethical Certification
- Information and Communication Technologies Security - ISO/IEC 27001