The customer data protection needs to be included under the logics inspiring the principles and measures of Data Governance. In this sense, the measures to protect customers’ personal data can only be effective if they follow the same principles that drive the measures to corporate Data Governance. A healthy setting of Data Governance rules is… Read More »
We are often tempted to reuse a significant portion of existing solutions and processes when information systems are forced to adhere to new regulatory requirements. This is usually not prevented and indeed advisable in many cases; nevertheless in the case of the new GDPR any simple and hasty approach would seem unsuitable and misleading. This especially… Read More »
We daily have the chance to experience the meaning of Privacy by Design or, more generally, of Compliance by Design. Corporate operational processes are unquestionably fully automated through information technology solutions and much was made to enhance the quality in designing and developing applications and infrastructural solutions. Also, beyond the usual development roles, it is… Read More »
Do you remember the old fashioned DPS (Documento Programmatico per la Sicurezza)? When it was removed from the minimum required measures, the Italian Regulator didn’t mean that companies could abandon the analysis over the different kinds of data processing, the definition of the inherent risks and the measures to mitigate them. Actually, companies merely aiming to formally satisfy requirements… Read More »
Is the DPO role requirement downgrade, out of the recent EP position and Council General Approach (15/06/2015), a real understatement or a need for an intermediate shorter but common step ahead for all Member States? The Data Protection matter seems affected by annoyance and embarrassment both on the side of single individuals, which should feel themselves… Read More »