Data Protection & Information Security

Any information that can be classified as “identified or identifiable” represents personal data. It could be a name, an address, a card number, even an IP address or a cookie ID. The EU’s General Data Protection Regulation (GDPR) tries to strike a balance between being strong enough to give individuals clear and tangible protection while being flexible enough to allow the legitimate interests of businesses and the public. Compliance with the requirements of the GDPR is required when processing personal data.

Data protection is defined as a “legal control over access to and use of personal data”. More specifically, GDPR refers to “the protection of natural persons concerning the processing of personal data”. It is basically a set of laws, regulations and best practice regarding the collection and use of personal data about individuals. Information security is defined as the practice of defending information (both physical and digital data) from unauthorized access, use, modification or disruption.

In xitee we provide services to keep your data safe and secure.

Cyber-attacks on critical infrastructures, such as on hospitals, are becoming more aggressive and frequent. To eliminate any possible risks of your solution, we offer the service of penetration testing. The goal is to use the methods which are typically used by hackers to identify vulnerabilities that allow the system to be compromised, confidential information to leak or impair the availability of services.

Additionally, we recommend and provide the GAP analysis to evaluate your processes, activities, and procedures regarding the requirements of ISO/IEC 27001 and identify all necessary measures to achieve conformity to the legal requirements as well as optional certification.