Security of personal data

Security and management of personal data in accordance with legal requirements

Protect personal data
Carry out a compliance audit

Determine the scope of the law and find out how far you comply with its requirements

Develop an action plan

Get qualified advice, evaluate control effectiveness, and draw up an action plan

Enhance security

Introduce pragmatic and effective control mechanisms, which are in line with existing risks

Carry out a compliance audit

In the first stage of complying with personal data security regulations, a company needs to know what personal data it processes and to identify all communication channels through which it receives and/or sends data. Based on this process, the company needs to create a data inventory and assess privacy risks.

Set an action plan

Once the data has been identified, redundant and outdated information should be deleted. The data should be classified and the following should be determined:

  •  The purpose for which this data is being processed
  •  The amount of data that is necessary to achieve a legitimate goal
  •  The time required to achieve the purpose of the data processing
  •  The method by which the data will be checked and updated
  •  Control mechanisms that ensure data security
Learn more about GDPR and how you can use it
Evaluate and manage risks

After determining the volume and purpose of the personal data required by the company, data processing rules should be developed. These rules should be documented and shared across the company. Data processing risks should also be assessed, and the responsibilities of the data protection officer, who will monitor whether data processing within the organization complies with the requirements set by the regulation, should be defined.

Security of personal data

The company is obliged to take organizational and technical measures to ensure the protection of data from accidental or illegal destruction, alteration, disclosure, extraction, and any other illegal activity.

The security measures taken will cover issues such as:

  •  Data backup
  •  Data anonymization
  •  Antivirus
  •  Email security
  •  Data encryption and more

 

Head of Cyber and Information Security:

More than 8 years of experience in the field of information security. Has led the cyber and information security management system at BDO for 2 years. During that time, under his leadership, the international standard for information security management, ISO/IEC 27001:2017, was implemented.

Anzor Mekhrishvili

  • Amekhrishvili@bdo.ge
  • 598212007