One of the innovations contained in Regulation (EU) 2016/679 is the principle of data protection by design and by default, to be applied to all processes, systems, and software within the company infrastructure.
The first phase consists of a feasibility study, aimed at making the information necessary for a decision on the actual technical implementation of the request available. It is, therefore, necessary to evaluate the IT context, the state-of-the-art of the systems, applications, and information flows involved; to identify the technical constraints; to analyse the system interrelationships and the possible problems that the activation of certain functionalities may induce on these in detail, in order to evaluate and quantify the risks related to IT security and, therefore, in order to eliminate or reduce them in accordance with the regulations and in accordance with your expectations.
The second phase concerns the definition of possible solutions to be adopted for the realization of what is required, defining the hardware and software components on which the implementation is required in detail.
The third phase, finally, will see ICTCC guide you in the concrete adoption, implementation, and configuration of the identified solutions.