
Personal Data is any information relating to an identified or identifiable natural person, such as name, age, gender, political beliefs etc. Personal data is found everywhere, both in the public and private sector. All institutions, ministries, decentralized services, local authorities, public bodies, but also companies, sole proprietorships, foundations and associations, must comply with the provisions of General Data Protection Regulation 679/2016 (EU). This means that they must take all necessary technical and organisational measures to safeguard the personal data they process, respecting the fundamental principles. The rapid evolution of technology, new models of communication and cooperation, the flow and exchange of data in a globalised environment, the risky processing of big data have been the conditions that have imposed the adoption of a new institutional framework (GDPR) with certain new legal concepts and procedures. All entities processing personal data are now required to demonstrate their compliance with the GDPR at any time (principle of accountability) either following a complaint by an aggrieved individual or following an ex officio audit by the Data Protection Authority, fostering a new culture of information management.