GDPR AND INFORMATION SYSTEM
WAITING FOR TRANSLATION
Category Archives: Impact, Risk and Measures
Physical Cyber Security Assessment
WAITING FOR TRANSLATION
How to prepare to comply to GDPR
The GDPR was born one year ago (on the 27th April, published on GUE on 4th May 2016) and many have not yet outlined an adjustment plan. There is only one year left to comply to (the deadline is established on 25th May 2018). Some data protection authority of each EU Member State have published… Read More »
Guidelines DPIA … for whom / for what ??
On 4.4.2017 the WP has adopted the “Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is “likely to result in a high risk” for the purposes of Regulation 2016/679” the question is why, for whom and for what. The answer is inside the document and is not a secondary matter because if… Read More »
The new European Regulation gives greater value and facilitation to scientific research.
The Directive 95/46/EC deal with the argument in the following terms: The processing of personal data for scientific research purposes is not considered incompatible with other processing (art. 6) For scientific use, personal data may be stored for longer periods (art. 6) The provision of information to the data subject may not be given when… Read More »
Guidelines Data Protection Impact Assessment
On April 5, the “Article 29 Data Protection Working Party” has published the “Guidelines on Data Protection Impact Assessemnt (DPIA) in order to give a valid interpretation of art. 34 of the EU Regulation 2016/679. The document consists of 19 pages (plus two attachments) very dense, having regard to the complexity of the matter. From guidelines it… Read More »
MIFID II and GDPR Regulations
Following the mandate given by the European Commission, the European Securities and Markets Authority (ESMA) published its final technical advice on MiFID II on 19 December 2014, and on MAR on 3 February 2015. On 10 February 2016, the European Commission confirmed one year delay to the MiFID II timetable. The new target for implementation… Read More »
GDPR in practice
Everybody is talking about GDPR in every session at Security Summit this year, whatever the topic, but in practice what companies are doing to get prepared? Alessandro Vallega started from here to introduce the conference dedicated by Europrivacy to the new European Regulation, on the second day of the Summit organized by Clusit in Milan.… Read More »
CNIL: A METHODOLOGY FOR THE GDPR
WAITING FOR TRASLATE
Consider costs of unsecurity when budgeting
Computerweekly reports that Yahoo’s shareholdwers had to accep a relevant cut on the transaction with Verizon to sell Yahoo due to the security breaches that came into light over the last months: 350 M$. Not peanuts. How much security could have they bought for such an amount of money? It is interesting to take these… Read More »