Tag Archives: PIA

GDPR guest star at Politecnico University

Aula Magna packed and great audience interest on 17/1 for the conference dedicated to GDPR by the Information Security & Privacy Observatory of Politecnico University in Milan. In his introduction Alessandro Piva (Observatory Director) has anticipated some results of the Research that will be presented on 2/2, which shows the breadth and diversity of threats,… Read More »

Notification to the supervisory authority

GDPR (Privacy European Regulation) does not require “notification to the supervisory authority” for special data processings. Such notification was required by previous Directive 95/46/CE. In fact, notification of special processing processings is considered an obsolete tool and, as written in introductory clause 89, “did not in all cases contribute to improving the protection of personal… Read More »

Is a retrofitting enough to make current solutions compliant?

We are often tempted to reuse a significant portion of existing solutions and processes when information systems are forced to adhere to new regulatory requirements. This is usually not prevented and indeed advisable in many cases; nevertheless in the case of the new GDPR any simple and hasty approach would seem unsuitable and misleading. This especially… Read More »

What can make Privacy-by-Design possible

We daily have the chance to experience the meaning of Privacy by Design or, more generally, of Compliance by Design. Corporate operational processes are unquestionably fully automated through information technology solutions and much was made to enhance the quality in designing and developing applications and infrastructural solutions. Also, beyond the usual development roles, it is… Read More »