Maurizio Pastore career encompassed different fields of Information and Communication technology (sw development, network and system management), operating in different vertical markets (manufacturing, telecommunication, public administration). In the last five years he was focused on information security and privacy. Since 2012 he acted as Data Privacy Officer and as Chief Information Security Officer in Liguria Digitale, the Regione Liguria ICT company. From 2016 he is focused on Privacy & Security Services for Liguria Digitale Customers. Nowadays he is the DPO for Azienda Ospedaliera S.Luigi Orbassano, ASL TO4, ASL TO5, AISM, FISM, Città Metropolitana di Genova.
WP art.29 published on public consultation wp260 titled “Guidelines on transparency under Regulation 2016/679”. This document details how to comply with art. 12 to 22 and 34. Great attention is devoted to art.13 and art. 14.. WP art.29 on paragraph 2 make clear that privacy statements/ notices shall comply with Transparency, as expressed is in the document,… Read More »
Recently the Italian Data Protection Authority obliged an italian party Movimento Cinque Stelle to update its web site Content Management System, reserving the right to apply administrative sanctions ex art. 162 of Italian Privacy Code dlgs. 196/2003 vedi http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/7400401 How many companies have their site CMS out of date? Perhaps it is better to hurry up.
The French DPA (CNIL) and Spanish DPA (AGDP) have issued two guides for data processors, namely “Règlement européen sur la protection des données : un guide pour accompagner les sous-traitants” and “Directrices para contratos responsable – encargado” respectively. Furthermore the English DPA (ICO) has published a draft gdpr contracts guidance. These have a positive impact… Read More »
Adapting to GDPR can be a rather complex task: is a substantial Regulation composed of 99 articles and 173 recitals. I thought useful, at least for me, to elaborate a reasoned summary, which directs the mental process to see if and how to adjust business procedures to achieve compliance. As with all summaries, of course,… Read More »
The GDPR was born one year ago (on the 27th April, published on GUE on 4th May 2016) and many have not yet outlined an adjustment plan. There is only one year left to comply to (the deadline is established on 25th May 2018). Some data protection authority of each EU Member State have published… Read More »
The Directive 95/46/EC deal with the argument in the following terms: The processing of personal data for scientific research purposes is not considered incompatible with other processing (art. 6) For scientific use, personal data may be stored for longer periods (art. 6) The provision of information to the data subject may not be given when… Read More »
Art. 24 Sanctions of the Directive 95/46 recital “The Member States shall adopt suitable measures to ensure the full implementation of the provisions of this Directive and shall in particular lay down the sanctions to be imposed in case of infringement of the provisions adopted pursuant to this Directive.” did not gave any specific criteria to… Read More »
Trilogue is going on: here you can find all produced documents. They decided to hidden the final text that come out in trilogue technical meetings. Today (24/10/15) the only browsable document (http://www.consilium.europa.eu/register/en/content/out/?&typ=ENTRY&i=ADV&DOC_ID=ST-12404-2015-INIT) is about Chapter VI and VII and most of the content is intentionally left blank. The relevant information is that works are going on. Presidency… Read More »