Privacy e Cyber Security
Since its foundation, Studio Corno Avvocati has regularly assisted individuals, professionals and companies in the area of privacy and with reference to all its regulatory and litigation aspects.
Studio Corno Avvocati has been one of the pioneers in litigation related to unlawful processing of personal data by public and private companies, including in the health sector; as well as in providing assistance out of court and in the administrative sector before the competent Authorities.
Legislation on data protection has undergone significant changes and innovations in recent years. This is true particularly with reference to the introduction of the new European Regulation No. 679/2016, better known as the General Data Protection Regulation (GDPR), applicable from 25 May 2018, as well as the recent and profound changes made to the Privacy Code of 2003.
The coming into force of the GDPR has had a significant impact on the management of people’s personal data within the information society, as well as generating the need for profound revisions regarding the processing of data in business environments.
To tackle these innovations, we have set up a “privacy team”, with the support of the IT department of Studio Corno Commercialisti, able to provide global assistance, ranging from legal issues to information technology and cyber security, a particularly topical theme given the numerous cyber attacks that have recently affected companies of various sizes.
That’s how we are able to combine twenty years of experience in the world of privacy with constantly updated knowledge of the new regulations and standards, at national, European and cross-border level. The privacy team has gained significant experience with regard to the compliance of medium and small enterprises to the GDPR, as well as in the assistance of issues relating to data protection affecting individuals.
LEGAL
Privacy and cyber security consulting services
Studio Corno Avvocati traditionally deals with Italian, international and cross-border privacy issues, with particular reference to these areas:
Planning and adaptation of company procedures to the GDPR
We assist companies and professionals in all phases of compliance with the new legislation, from the mapping of processing to the analysis and review of procedures and contractual relationships, to awareness-raising of employees and collaborators of the company.
At the same time, we can offer guidance to companies and professionals with regard to planning new processing and, where appropriate, adopting suitable preventive measures, including impact assessment and the request for prior verification to the Supervisory Authority.
Protection of personal data and exercise of individual rights
We provide assistance with regard to the exercise of the Data subject’s rights (right to access, restriction, rectification, “right to be forgotten”, portability and opposition) in the interest of individuals or the companies against whom they are exercised, both out of court and in litigation.
Data breach and cyber security management
Our highly multi-disciplinary approach, which combines specialist legal skills with a broad mastery of IT issues, enables us to provide full assistance also with regard to breaches of IT and physical security of personal data in the corporate and non corporate sector (data breach), as well as suggesting appropriate initiatives.
It should be noted that data breach events require, in addition to adequate IT countermeasures, the adoption of appropriate legal instruments and precautions, in order to limit negative consequences and any related liability, also with regard to the supervisory authority.
Litigation and relations with the supervisory authority
We assist individuals and legal entities in litigation related to unlawful processing of personal data by public and private companies, as well as in dealing with the authorities in relation to possible checks and inspections, carried out also through the Privacy Unit set up at the Guardia di Finanza.
Workers’ privacy
Over the years, also based on our experience, problems have increasingly emerged with reference to the management of employees’ personal data within the corporate environment, in particular with reference to monitoring systems and surveillance equipment.
Again with a strongly multidisciplinary perspective and thanks to the collaboration between the privacy team and the labour law department, we provide full assistance in the preparation of appropriate procedures and security measures, in accordance with the Workers’ Statute and the regulations contained in the GDPR and the Privacy Code.
We assist companies and professionals in all phases of compliance with the new legislation, from the mapping of processing to the analysis and review of procedures and contractual relationships, to awareness-raising of employees and collaborators of the company.
At the same time, we can offer guidance to companies and professionals with regard to planning new processing and, where appropriate, adopting suitable preventive measures, including impact assessment and the request for prior verification to the Supervisory Authority.
We provide assistance with regard to the exercise of the Data subject’s rights (right to access, restriction, rectification, “right to be forgotten”, portability and opposition) in the interest of individuals or the companies against whom they are exercised, both out of court and in litigation.
Our highly multi-disciplinary approach, which combines specialist legal skills with a broad mastery of IT issues, enables us to provide full assistance also with regard to breaches of IT and physical security of personal data in the corporate and non corporate sector (data breach), as well as suggesting appropriate initiatives.
It should be noted that data breach events require, in addition to adequate IT countermeasures, the adoption of appropriate legal instruments and precautions, in order to limit negative consequences and any related liability, also with regard to the supervisory authority.
We assist individuals and legal entities in litigation related to unlawful processing of personal data by public and private companies, as well as in dealing with the authorities in relation to possible checks and inspections, carried out also through the Privacy Unit set up at the Guardia di Finanza.
Over the years, also based on our experience, problems have increasingly emerged with reference to the management of employees’ personal data within the corporate environment, in particular with reference to monitoring systems and surveillance equipment.
Again with a strongly multidisciplinary perspective and thanks to the collaboration between the privacy team and the labour law department, we provide full assistance in the preparation of appropriate procedures and security measures, in accordance with the Workers’ Statute and the regulations contained in the GDPR and the Privacy Code.
