On May the 25^th 2018, the GDPR (General Data Protection Regulation), the new European Regulation for the protection of personal data, will become definitively applicable throughout the EU.

This legislation aims not only at adjusting the level of data protection to the evolution of the instruments used in the new digital economy, but at achieving a real cultural change allowing public administrations and companies to build safer services for citizens and consumers.

To comply with the new legislation, the PA will have to organize a new data protection system internally, favouring the concepts of risk and liability assessment. In order to simplify the adoption of these provisions, the Directorate of Information Systems and Innovation (DSII) of the Department of General Administration of Personnel and Services (DAG) of the Ministry of Economy and Finance (MEF) has drawn up a roadmap that can be used as reference by the other Public Administrations (of any size) both for the implementation and for the active monitoring of the actions put in place for data protection.

To analyse in detail this action plan, you can the article (in Italian) written for Agenda Digitale by the Directorate’s staff involved in the implementation of the new legislation.