Europrivacy after one year: status and plan

On November 25th, 2016, we met to present the results of one year's work and to discuss the plan for the next one. This post highlights the key topics discussed and decisions taken. We had 26 participants belonging to 23 companies or associations: 17 present in person and 9 by web conference. We used…

SANCTIONS IN GDPR

In analyses of the system of sanctions in the GDPR, the focus is usually on the significant figures provided for by Article 83, which reaches Controllers and Processors with administrative fines of up to 20 million euro or up to 4% of global annual turnover. Article 83, General conditions for imposing administrative fines … 4. Infringements…

Fines are higher for individual rights violations rather than poor data protection

Art. 24 (Sanctions) of Directive 95/46, which states “The Member States shall adopt suitable measures to ensure the full implementation of the provisions of this Directive and shall in particular lay down the sanctions to be imposed in case of infringement of the provisions adopted pursuant to this Directive.”, did not give any specific criteria to…

The role of Data Protection Officer in an healthcare organisation

Health data are processed in a very complex technological domain, often influenced by the presence of exceptions. These exceptions to the standard management processes add cost, complexity and redundancy to the system, impairing the proper functioning of healthcare organizations. The regulatory environment also does not provide the appropriate tools to tackle the critical issues…

GLOBAL GDPR READINESS: CIPL REPORT

As is widely known, the European Union General Data Protection Regulation, which replaces Directive 95/46/EC, will come into force in May 2018 and will bring relevant changes to all stakeholders: DPAs, individuals, controller and processor organizations. In order to help organizations understand the key operational impacts of the regulation and to stimulate their internal change,…

WP29 and the role of DPO

The FabLab Group (established by WP29) drew up the summary document that will lead to the issuing of best practices and guidelines on: the role of the DPO, Data Portability, DPIA and criteria for the Privacy Certification. As for the DPO, as you may have already had occasion to read, I am among those who support the…

WP29 announces a “handbook” for the GDPR

The Article 29 Working Party spokeswoman Isabelle Falque-Pierrotin has set her team a challenging goal: to publish later this year a handbook for the practical application in companies of the changes introduced by the new European General Data Protection Regulation. The guidelines are necessary because “there are ambiguities in GDPR”. Clarifications have also been promised…

“PERSONAL DATA MADE PUBLIC BY THE ‘DATA SUBJECT’ AND USE OF INFORMATION PUBLISHED ON SOCIAL NETWORKS: INITIAL OBSERVATIONS OF THE GDPR ART. 9, para. 2, letter e)” [SECOND PART]

Turning to the provisions of the GDPR at issue, it is necessary to underline that art. 9, para. 2, letter e) constitutes an exception to the general principle that sets forth an absolute prohibition on the processing of personal data belonging to the specific categories indicated in paragraph 1: in summary, the provision states that…

“PERSONAL DATA MADE PUBLIC BY THE ‘DATA SUBJECT’ AND USE OF INFORMATION PUBLISHED ON SOCIAL NETWORKS: EARLY OBSERVATIONS OF GDPR ART. 9, para. 2, letter e) [FIRST PART]

GDPR art. 9, entitled “Processing of special categories of personal data”, after setting forth the general rule, specifically that “1. Processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a…