Provision of compliance services with the General Data Protection Regulation (GDPR) of the Emergency Communications Management Information System (European Emergency Number “112”)

PROJECTS

April 1, 2025

DEVELOPER

Information Society S.M.S.A.

PROJECT OPERATOR

Ministry of Digital Governance

BUDGET

€ 120.000,00 (EXCLUDING VAT)

DEADLINE

April 16 2025

Financial Source

Ministry of Digital Governance

National Development Programme 2021 - 2025

What is the object of the project?

The object of the project includes the provision of services to ensure compliance with the General Data Protection Regulation (GDPR) of the “Emergency Communications Management (European Emergency Number ‘112’)” information system.

In particular, the object of the project includes, in summary, the following:

Mapping the current status of personal data processing activities in the above information system.
Designing and implementing procedures and mechanisms for responding to requests from data subjects in the exercise of their rights.
Conducting an impact assessment by which the Contracting Authority aims to highlight the risks to the privacy of data subjects arising from the method that the system to be implemented will process (store, transmit, change, erase, etc.) personal data, as well as to assess them, in order to lead to the adoption of appropriate design measures to mitigate these risks.
Designing a framework of responding to personal data breach incidents.
Vulnerability Tests and Penetration Tests to identify potential vulnerabilities and security gaps of the information system.
Action Plan to implement the measures required, to ensure the lawful processing of personal data in accordance with the GDPR requirements and to achieve an adequate level of protection of personal data in the information system.

What is the necessity and the purpose of the project?

Taking into account the nature, scope, context and purposes of the processing of personal data processed in the context of the operation of the “Emergency Communications Management (European Emergency Number ‘112’)” information system, it is appropriate to assess the risks to the rights and freedoms of data subjects that may arise.

The main objectives that are expected to be achieved through the implementation of this project are:

Assessing the current security of the “Emergency Communications Management (European Emergency Number ‘112’)” information system.
Designing and implementing procedures and mechanisms for responding to requests from data subjects in the exercise of their rights.
Designing a framework of responding to personal data breach incidents.
Recording an action plan to manage and address risks with proposed compliance and risk convergence actions.