Services

 


GDPR compliance

As data protection becomes more and more valuable and constitutes a crucial pillar of a company's brand and reputation, the need for organizations to protect personal data is also constantly increasing. The initial 'grace period' is definitely over, and Data Protection Authorities have already imposed the first heavy fines in the EU.

Violating the fundamental rights and freedoms of individuals, even accidentally, is not a risk companies can ignore or pretend will never happen: it will. Not complying with data protection regulations can lead to risky situations that harm an organization's credibility, reputation, and definitely its financial status.

This is where KAX Consulting can help you decisively. Our message is that GDPR is a real opportunity, and it is not just about data security as usual. An organization's most important goals and obligations concern the purpose of personal data collection and the obligations during its processing, including but not limited to lawfulness, fairness, transparency, and purpose limitation.

Whether your needs are limited to training and education or extend to the full implementation of a compliance strategy, we can leverage multi-year experience and internationally accredited certification to address your concerns, support your efforts, and achieve your goals in compliance and data protection.

Who can we support?

  • Managers or teams seeking to prepare and support their organization in planning, implementing, and maintaining a compliance program based on the GDPR

  • DPOs and individuals responsible for maintaining conformance with the GDPR requirements

  • Members of information security, incident management, and business continuity teams

What will you also achieve?

  • Understand the concepts of the GDPR and interpret its requirements

  • Understand the content and the correlation between the General Data Protection Regulation and other regulatory frameworks and applicable standards, e.g., ISO/IEC 27701

  • Acquire the competence to perform the role and daily tasks of the Data Protection Officer in your organization

  • Develop the ability to inform, advise, and monitor compliance with the GDPR and cooperate with the supervisory authority

GDPR Self-Assessment

PECB provides a well-designed online assessment that can help your organization acknowledge, understand, and improve its level of compliance with the GDPR. A set of questions has been developed to discover and identify the strengths and weaknesses of your organization's compliance with the GDPR.

The online assessment tool involves a quick review, available at no cost, for the purpose of evaluating your organization's readiness for the GDPR.

The questionnaire consists of 16 comprehensive closed-ended questions. After you answer the questionnaire, a calculated score will be provided, giving you an understanding of your organization's compliance with the GDPR.

Note: This online review serves only as guidance based on the responses provided; it does not necessarily imply your full compliance with the GDPR. For further information about the PECB GDPR Assessment process and requirements, please contact PECB at ms@pecb.com


Medical Research

KAX has solid expertise acquired on the front line of cutting-edge medical research. Whether you are a biotech seeking strategic advice for your research project or a well-established healthcare or pharmaceutical institution or company, we will have the right answers and solutions, in addition to supporting your activities with training and mentoring and ensuring the mandatory GDPR compliance.

Our expertise ranges from pre-clinical to phase 4 research protocol development and covers all medical-affairs-related tasks, including educational workshops, medical material, and scientific advisory boards, all developed and acquired in leadership positions and decision-making functions.

Who can we support?

  • Project Directors seeking strategic advice at any stage of their research

  • CROs

  • Pharmaceutical companies venturing into radiolabeled compounds

  • Editors seeking publishing opportunities in nuclear medicine

  • Medical schools offering radiation-related courses

  • Healthcare institutions dealing with radiation-related challenges

We will help you:

  1. In the field of clinical translation of PET and SPECT peptide-based diagnostic imaging and therapy

  2. For all your training needs and awareness about dosimetry, radiotracer distribution, image reading, and data interpretation

  3. Dealing with ongoing clinical trials using a radiolabeled compound, either for diagnostic purposes, or therapeutic procedures

  4. Communicating publicly and/or via publications about the positive aspects of radiation and radioligand therapies

  5. Encouraging students to seek a career in a radiation-related research field (seminars, invited speakers, mentoring programmes)

  6. In all cases where you are dealing with radiation-related challenges

  7. In ensuring that all your processing of GDPR special category data complies with existing regulations

"Nuclear medicine is a beautiful science, challenging, powerful, accurate, not fully well known… it is rewarding to help others in mastering it better."

Laura Ravasi, MD, PhD

DPO/RPD Service

This DPO/RPD service is for small and medium companies, professionals, or public administrations that are required to designate a Data Protection Officer / Responsable Protection Données but do not necessarily want to hire for a full-time position.

A common misconception is that the legal obligation to appoint a Data Protection Officer is based only on the size of the company. The GDPR, on the contrary, bases the obligation to designate a DPO on the core processing activities, which are defined as those essential to achieving the company's goals. Public bodies, on the other hand, always have to appoint a DPO, with the exception of courts acting in their judicial capacity.

Companies can either name an employee as an internal Data Protection Officer, paying close attention to conflicts of interest, or appoint an external Data Protection Officer.

The service fee depends on three critical factors:

  1. Number of data processing activities within your organization (actual or estimated)

  2. Criticality of the personal data being processed (especially if it involves minors and/or special categories of data)

  3. Your own organization, size, and structure

Contact us to benefit from a DPO with multi-year experience in Information Security, Data Privacy, and Data Protection who is also PECB accredited and certified.

Let our expertise meet your needs.

We will help you with:

  1. Establishing Data Privacy and Data Protection at the core of all your business operations

  2. Continuously promoting Data Protection awareness, accountability, and compliance within your organization

  3. Ensuring the protection of Personal Data in all of your processing, in compliance with applicable laws, regulations, and industry codes as well as your internal policies and procedures, and helping you amend them where needed

PECB Certified GDPR Trainings

Reinforce your expertise in the General Data Protection Regulation through the PECB training courses listed here. During the training you will learn all the necessary tools and methods that will enable you to assist your organization in achieving and maintaining its compliance with GDPR requirements.

In the context of PECB trainings, we collaborate with the ACTAGIS Academy for training and courses in Switzerland and Europe.

ACTAGIS Academy is the unique qualified and authorized training center delivering combined knowledge and expertise in Governance, Security, Risk, Quality, and Business Continuity, with accredited certifying training courses, exam preparation, and very high success rates. Please contact us for more information about the training sessions.

GDPR Introduction

The GDPR Introduction training course enables you to comprehend the basic concepts and requirements of the General Data Protection Regulation (GDPR). This training will also help you understand the responsibilities of data handling and processing and the role of a data controller.

Learning objectives: 

  • Understand the basic concepts and components of Data Protection

  • Understand the data protection principles, challenges, issues and the importance of a data protection officer, controller and processor

  • Understand the concepts, approaches, methods and techniques for the effective protection of data

GDPR Foundation

Become familiar with the concepts and requirements of the General Data Protection Regulation (GDPR). This course will help you learn the basic elements of implementing and managing a compliance framework for protecting personal data.

Learning objectives:

  • Understand the General Data Protection Regulation requirements and the fundamental principles of privacy

  • Understand the obligations, roles and responsibilities of the Data Protection Officer

  • Understand the concepts, approaches, methods and techniques to effectively participate in the implementation process of a compliance framework with regard to the protection of personal data

Certified Data Protection Officer

Obtain all the competencies and knowledge necessary to lead all the processes for complying with the requirements of the General Data Protection Regulation (GDPR) in an organization. This course will also provide you with all the operational skills and knowledge necessary to perform the activities required to maintain compliance with the General Data Protection Regulation.

Learning objectives:

  • This training is based on both the Regulation and best practices

  • Lecture sessions are illustrated with practical questions and examples

  • Practical exercises include examples and real case discussions

  • Practice exercises are similar to the Certification Exam

PECB Certified Information Security Trainings

Why ISO/IEC 27001?

ISO/IEC 27001 provides requirements for organizations seeking to establish, implement, maintain and continually improve an information security management system. This framework serves as a guideline for continually reviewing the safety of your information, which will exemplify reliability and add value to your organization's services.

ISO/IEC 27001 is also a great foundation for supporting GDPR compliance. It helps you understand the practical approaches involved in implementing an Information Security Management System that preserves the confidentiality, integrity, and availability (the information security triad, CIA) of information by applying a risk management process.

ISO 27001 Introduction

The ISO/IEC 27001 Introduction training course enables you to become familiar with the basic concepts of an Information Security Management System (ISMS).

Learning objectives:

  • Understand the concepts, approaches, methods, and techniques used to implement an Information Security Management System (ISMS)

  • Understand the basic elements of an Information Security Management System

ISO 27001 Foundation

ISO/IEC 27001 Foundation training allows you to learn the basic elements needed to implement and manage an Information Security Management System as specified in ISO/IEC 27001. During this training course, you will come to understand the different modules of an ISMS, including ISMS policy, procedures, performance measurements, management commitment, internal audit, management review and continual improvement.

Learning objectives:

  • Understand the elements and operations of an Information Security Management System (ISMS)

  • Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002 and other standards and regulatory frameworks

  • Understand the approaches, standards, methods and techniques used for the implementation and management of an ISMS 

After completing this course, you can sit for the exam and apply for the “PECB Certified ISO/IEC 27001 Foundation” credential. A PECB Foundation Certificate shows that you have understood the fundamental methodologies, requirements, framework and management approach.

ISO 27001 Lead Implementer

ISO/IEC 27001 Lead Implementer training enables you to develop the necessary expertise to support an organization in establishing, implementing, managing and maintaining an Information Security Management System (ISMS) based on ISO/IEC 27001.

Learning objectives:

  • standards and regulatory frameworks

  • Master the concepts, approaches, methods and techniques used for the implementation and effective management of an ISMS

  • Learn how to interpret the ISO/IEC 27001 requirements in the specific context of an organization

  • Learn how to support an organization to effectively plan, implement, manage, monitor and maintain an ISMS

  • Acquire the expertise to advise an organization in implementing Information Security Management System best practices