Comments seem to appreciate the GDPR: consulting companies think of the huge amount of services that top enterprises will require; tech vendors follow. Here is the point: large banks, top insurances, international B2C operators, Telcos, large internet players, these are the ones that are expected to comply. Or to have to comply. But this is… Read More »
Europrivacy and Global Cyber Security Center have prepared an online survey on how the companies are preparing for the GDPR. Please contribute answering 25 simple questions! (in Italian) Results will be published by the year end on the website and incorporate in the Clusit ICT Security report. The survey starts here: http://bit.ly/2dDOiqm thanks to Elena Agresti and Giancarlo… Read More »
As is well known the GDPR provides no clear guidance on how to demonstrate its own conformity and this poses a number of non banal challenges to entities that process personal data. Between various possible tools that could be considered (while awaiting more detailed guidelines) there is the use of a series of measurable parameters… Read More »
During last years there has been an increase on variety and amount of data available, a development of channels to access data and a business globalization. This situation has created a data governance and compliance complexity, besides a growth of potential threats to confidentiality requirements, integrity and availability of information. In this context the need… Read More »
Changing the DNA of the companies The new privacy rules force the companies to change organization, processes and mindset. They provides not only technical implementations, but organizational changes by the use of a proactive and predictive approach. Despite the degree of perception on privacy issues has increased over the years, the old organizational model has… Read More »
The General Data Protection Regulation is certainly innovative and in line with the current requirements for data security. It is structured in such a way as to ensure consistency, balance and control of the powers of the stakeholders involved. It aims to achieve, in the short and medium term, some “hard” goals. Most public and… Read More »
First advice: the regulations should be read; it is not enough merely to consult a few articles or to follow one or two conferences to understand what is necessary to do. The authors and the relaters bring their own interpretations, often very debatable. Simply by reading the regulatory text you can actually understand what is… Read More »
I have found at this link a guidance to GDPR. It is written in Italian because it has been provided by the Italian DPA. It is high level, non technical, simple and informative. Is uses a lot of graphics and address the general public. I think is necessary to communicate to EU citizens the value of this new… Read More »
We all are so concentrated on the new EU Regulation that we disregard easily what is going on in the rest of the world. Hereafter you can find some news from far east and far west: all over the world private data protection and security are getting more and more relevant for policy makers, citizens… Read More »
The Commission adopted on 12 July 2016 its decision on the EU-U.S. Privacy Shield. The decision follows the decision of the Court of Justice of the European Union that, on 6 October 2015, had declared the Commission’s 2000 Decision on EU-US Safe Harbour invalid. The article 29 Data Protection working party adopted an opinion about… Read More »