Topics has fulfilled the task of preparing Italian companies for the impact of the GDPR. We started to publish our interpretations of the law well before the final text was approved (in 2015) and we organized dozens of public conferences and debates even with the Data Protection Authority. We consider this task concluded with 316 posts.

We have therefore decided to close the blog at 12/31/2018 thanking the authors and our readers for their support and sympathy.

The content in this website is classified into different categories/topics. In particular:

Name Description
Legal Framework In this category you will find news and information about the road map of legislative procedure.
Roles and Liability In this category you will find news about the relationship between subjects, their roles and consequences of their liability.
Data Protection Officer This topic covers all aspects related to the DPO, for example, which are the professional characteristics of the DPO, how to recruit a good DPO, how the DPO should organize his/her job, what is the role intersection between DPO and CISO, etc.
Impact, Risk and Measures Into this section we discuss organizational and technical actions appropriate to implement organizational and technical processes to identify, reduce and mitigate risks threaten personal information, considering also costs of implementation.
Data Breach This topic covers all aspects related to the Data Breach such as for example how to define a correct organizational process to manage a data breach, how to estimate the brand and reputation damage in case an incident is disclosed, which contractual clauses to put in contracts with vendors and how to manage the communication related to the response to a data breach on social networks.
Privacy by Design This principle is already in the current Directive, but it is now introduced as a specific, stand-alone concept so it is fundamental to discuss a new approach that every internal work-flow must have in the future in order to comply with Regulation principles.
Sanctions In this context, it is important to discuss different executions of penalties and fines that every Member States will impose.
Codes of conduct and certification Articles 40, 41, 42, 43 define the soft law tools available to make the compliance process easier: this category refers to the posts which are dedicated to these issues.
Open Forum Any other argument that is not within the topics Legal Framework, Roles, and Liability, Data Protection Officer, Impact Risks and Measures, Data Breach, Privacy by Design and Sanctions could be written into this category.