Data Portability impact on healthcare facilities

The new right to data portability (art. 20 GDPR) shall also apply to health data. This interpretation is clearly illustrated in the recent Guidelines on the right to data portability, issued by the WP 29 on December 13, 2016. At point III, the Guidelines state three necessary conditions for the right to apply: personal data concerning…

Accountability in the General Data Protection Regulation

The text of the new Regulation on Personal Data Protection contains explicit references to the concept of “accountability”, a concept not expressly contained in Directive 95/46/EC, but partially anticipated by the Art. 29 Data Protection Working Party in Opinion no. 3/2010. Primarily, art. 5 of the GDPR identifies the Data Controller as the person responsible…

Cybersecurity Report 2016 – Public consultation

Around a year ago, following a public consultation of more than 500 contributors, the national Cyber Security framework was published, enriched over time with new support tools: http://www.cybersecurityframework.it/contenuti-di-supporto-al-framework. A year later, a new public enquiry was launched concerning safety checks of Cybersecurity Report 2016, in which it is possible to participate by February 3rd 2017 by visiting…

THE CERTIFICATION OF PERSONS IN GDPR

Following the complex mapping of the Controller’s certification provided for by the GDPR, we proceed to investigate the certification of persons. From a normative point of view this topic proves very simple: THE CERTIFICATION OF PERSONS IS NOT PROVIDED FOR or, more precisely, IS NOT REQUIRED. Hence the GDPR neither provides for nor requires certified professional roles, not even…

Relevance and cost of the Data Protection Officer in healthcare organizations

The legislation establishes data protection as a general problem of high priority and obliges organizations to address data protection seriously and consciously, outlining the tools and strategies to get organized coherently and do their part to counter this risky situation. The GDPR defines an approach for the creation of a system in which information security is…

When the “right to be forgotten” is an opportunity

A few days ago, an extremely interesting conference, attended by nearly 450 people, was held at the Polytechnic of Milan, in the Aula Magna Carassa – Dadda, Campus Bovisa. During the event a short debate emerged, even if incidentally, on the “right to be forgotten” and its usefulness / viability (here for…

Commission launched a public consultation on ENISA

“ENISA is the Agency of the European Union tasked with contributing to the enhancement of the overall level of cybersecurity of the EU and its Member States. This consultation kicks off the review of ENISA, whose current mandate will come to an end in 2020. The European Commission welcomes the views of all interested stakeholders…

GDPR guest star at Politecnico University

A packed Aula Magna and great audience interest on 17/1 for the conference dedicated to GDPR by the Information Security & Privacy Observatory of Politecnico University in Milan. In his introduction, Alessandro Piva (Observatory Director) previewed some results of the Research that will be presented on 2/2, which shows the breadth and diversity of threats,…