Category Archives: Legal framework

Record of processing activities

Article 30 of Gdpr “Records of processing activities” obliges the controller and processor to maintain a records of processing Activities under its responsibility. Specifically, that record shall contain all of the following information: the name and contact details of the controller and, where applicable, the joint controller, the controller’s representative and the data protection officer;… Read More »

Ethically GDPR

On last 15 March, during the three-days Clusit Security Summit, has been held in a full room of Atahotel Expo Fiera Rho-Pero, a meeting entitled “Practically GDPR” presented and moderated by Dr. Vallega in the formula of the “round table” with speakers – in addition to the president of Clusit – from companies representative of… Read More »

GDPR in practice

Everybody is talking about GDPR in every session at Security Summit this year, whatever the topic, but in practice what companies are doing to get prepared? Alessandro Vallega started from here to introduce the conference dedicated by Europrivacy to the new European Regulation, on the second day of the Summit organized by Clusit in Milan.… Read More »

UK institutional “data breach” … HSCIC asks for an inconsistent consent …

A recent decision of the Information Commissioner’s Office (https://ico.org.uk/) has manifested a fear that for years affected the UK (and not only) and that it is the focus of the discussions between the associations for the protection of clients/patients/data subjects. The above document states that the British “Data Controller” has experienced an anomaly related to… Read More »