What is the object of the project?
The object of the project includes the provision of services to ensure compliance with the General Data Protection Regulation (GDPR) of the “Emergency Communications Management (European Emergency Number ‘112’)” information system.
In particular, the object of the project includes, in summary, the following:
- Mapping the current status of personal data processing activities in the above information system.
- Designing and implementing procedures and mechanisms for responding to requests from data subjects in the exercise of their rights.
- Conducting an impact assessment by which the Contracting Authority aims to highlight the risks to the privacy of data subjects arising from the method that the system to be implemented will process (store, transmit, amend, delete, etc.) personal data, as well as to assess them, in order to lead to the adoption of appropriate design measures to mitigate these risks.
- Designing a framework of responding to personal data breach incidents.
- Vulnerability Tests and Penetration Tests to identify potential vulnerabilities and security gaps of the information system.
- Action Plan to implement the measures required, to ensure the lawful processing of personal data in accordance with the GDPR requirements and to achieve an adequate level of protection of personal data in the information system.
What is the necessity and the purpose of the project?
Taking into account the nature, scope, context and purposes of the processing of personal data processed in the context of the operation of the “Emergency Communications Management (European Emergency Number ‘112’)” information system, it is appropriate to assess the risks to the rights and freedoms of data subjects that may arise.
The Purpose of the Project is the transition of the existing system to the next generation platform. This upgraded platform will allow the new 112 SYSP (citizens’ early warning system) to expand its citizen alerting functions to meet future needs, building on existing Cell Broadcasting interconnections, as well as alarm (address-based and group-based) to citizens and internal resources using Voice and SMS channels.
The features of the upgraded platform include the ability to alert citizens via:
- Cell Broadcasting, interconnected to the mobile network so that messages can be broadcast to all mobile phones from all telecommunications providers.
- Location Based SMS (LB-SMS), through interfaces of the existing infrastructure with all telecommunications providers to send SMS notifications to all subscribers in a certain area.
- Secondary Channels, such as Social Networks, e.g. Facebook and Twitter. Moreover, the features of the upgraded platform include the ability to alert:
- by address using voice, email and/or SMS
- by group via voice, email and/or SMS
- via the CAP protocol
- via TV, radio broadcast, alarm, or message boards using CAP or proprietary integration
The main objectives that are expected to be achieved through the implementation of this project are:
- Assessing the current security of the“Emergency Communications Management (European Emergency Number ‘112’)” information system.
- Designing and implementing procedures and mechanisms for responding to requests from data subjects in the exercise of their rights.
- Designing a framework of responding to personal data breach incidents.
- Recording an action plan to manage and address risks with proposed compliance and risk convergence actions.