Regolamento, Direttiva e Codice privacy. Tra norme vigenti e norme abrogate.
WAITING FOR TRANSLATION
Clinical trials and GDPR
Clinical trials data are the ones more frequently processed by pharma and medical device companies: trial centers are also involved in this data processing. Under the data protection legislation, pharma and medical device companies are controllers and trial centres are processor, most of the time. But these roles are not always clear. In the WP… Read More »
Notification of a personal data breach to the supervisory authority
WAITING FOR TRANSLATION
The authentication process in Personal Health Record service
From a privacy perspective, SPID – Italian Public Service for Digital Identity is compliance with GDPR, because is a precaution to protect personal data (Art. 32). Currently, in many online Personal Health Record services, is possible to perform the authentication by Level 2 of ISO / IEC DIS 29115 (Level of Assurance 3 (LoA3)) and… Read More »
20 Years in 2 minutes and 38 seconds!
A short video of only 2 minutes and 38 seconds to remind us where we started from, where we are noe and where we are going to, a celebratory and summary video of 20 years of privacy law in Italy. A movie maybe a bit nostalgic and “old fashion” but that it casts on the… Read More »
Reflections on the contents of records of processing activities
Waiting for translation.
App and Privacy Policy. A case of Mobile Strong Authentication without mobile
WAITING FOR TRANSLATION
Perception of GDPR impact among Italian organisations
WAITING FOR TRANSLATION
Article 29 Data Protection Working Party Guidelines on Data Protection Impact Assessment (DPIA)
Last April 4, the Article 29 Data Protection Working Party (WP 29) has adopted Guidelines on Data Protection Impact Assessment, first of all defining common criteria for all data controllers, which can support the identification of processing operations that require to carry out a data protection impact assessment. This because it is not compulsory in… Read More »
A checklist to adapt to GDPR
Adapting to GDPR can be a rather complex task: is a substantial Regulation composed of 99 articles and 173 recitals. I thought useful, at least for me, to elaborate a reasoned summary, which directs the mental process to see if and how to adjust business procedures to achieve compliance. As with all summaries, of course,… Read More »