Areas of expertise

The areas of expertise where the research and practice of Avvocato Valentina Grazia Sapuppo develop, at the point where law meets technology.

Artificial Intelligence and the AI Act

Compliance of artificial intelligence systems with the European Regulation (AI Act): risk classification, governance, technical documentation and AI management systems under ISO/IEC 42001.

Read more on the blog →

AI ethics and bioethics

Ethical analysis of AI systems (transparency, accountability for automated decisions, fairness and the protection of human dignity) and the bioethical implications of health technologies and neurotechnologies: informed consent, non-maleficence and justice, between the European ethics guidelines, the work of UNESCO and the WHO, and a genuinely human-centred approach.

Read more on the blog →

Personal data protection and GDPR

GDPR and privacy law: data protection impact assessments (DPIA), roles and responsibilities, records of processing activities, controller and processor relationships and the role of the DPO.

Read more on the blog →

Governance, Risk & Compliance (GRC)

Integrated models of governance, risk management and compliance, including under Legislative Decree 231/2001, balancing regulatory obligations and voluntary standards.

Read more on the blog →

Cybersecurity

Information security and organisational resilience: ISO/IEC 27001 management systems, technical and organisational measures, incident management and business continuity.

Read more on the blog →

Environment and safety

Environmental (ISO 14001) and occupational health and safety (ISO 45001) management systems, also in integrated form with other management systems.

Read more on the blog →

Gender equality

Gender equality management systems (UNI/PdR 125:2022), inclusion and the countering of disparities, including within technological and organisational processes.

Read more on the blog →

ISO/IEC & CEN/CENELEC standards

Technical standardisation and conformity assessment: ISO/IEC 17021-1 (management systems), ISO/IEC 17065 (products) and ISO/IEC 17024 (professional competences).

Read more on the blog →

Training and teaching

Teaching and specialist training for professionals and organisations on law, artificial intelligence, data protection, cybersecurity and management systems.

Read more on the blog →

Civil law

Advice and assistance in private-law matters: obligations and contracts, civil liability, personal rights, family and succession, with attention to the impact of new technologies on legal relationships and on the protection of the person.

Read more on the blog →

Criminal law

Advice and defence in criminal law, with particular attention to digital technologies: cybercrime, data protection, corporate liability (Legislative Decree 231/2001) and new forms of offence in the digital ecosystem.

Read more on the blog →

Il filo conduttore è l’intersezione tra le normative vincolanti dell’Unione europea e gli standard tecnici volontari, con particolare attenzione all’impatto delle tecnologie sulle persone e alla tutela dei soggetti vulnerabili nell’ecosistema digitale.


Civil and criminal law

Alongside her research and technical standardisation work, Avvocato Valentina Grazia Sapuppo also handles the traditional areas of civil and criminal law, including the aspects that intersect with new technologies and data protection.

Civil law

  • Persons, family and succession
  • Obligations and contracts
  • Civil liability and compensation for damage
  • Tort and medical liability
  • Property and real rights
  • Debt recovery and enforcement
  • Damage from unlawful processing of personal data

Criminal law

  • Assistance and defence in criminal proceedings
  • Computer crimes and cybercrime
  • Criminal aspects of personal data processing
  • Crimes against persons and property
  • Corporate liability (Legislative Decree 231/2001)