Category Archives: Codes of conduct and certification

Monitoring of approved codes of conduct

Let us assume for a moment that we have a perfect code of conduct, the best that you could ever write, already approved, recorded and released by the supervisory authority, and so – at this point – you should only “hope” that itwill be adopted by users for which it was drawn. Here, we imagine… Read More »

GDPR in practice

Everybody is talking about GDPR in every session at Security Summit this year, whatever the topic, but in practice what companies are doing to get prepared? Alessandro Vallega started from here to introduce the conference dedicated by Europrivacy to the new European Regulation, on the second day of the Summit organized by Clusit in Milan.… Read More »

A “sustainable and effective” Privacy for SMEs

Among the speeches at the GDPR conference held at Politecnico University in Milan on 17/1 (see HERE for full report), particularly enlightening i found the one by Sergio Fumagalli (Coordinator of Europrivacy), dedicated to the impact of GDPR on SMEs. The reasoning was prompted by the need to contextualize the application of regulations to the… Read More »

THE CERTIFICATION OF PERSONS IN GDPR

Following the complex mapping of Controller’s certification provided for by GDPR, we proceed investigating the certification of persons. From a normative point of view this topic proves very simple: THE CERTIFICATION OF PERSONS IS NOT PROVIDED or more precisely: IS NOT REQUIRED. Hence GDPR does not provide for nor require certified professional roles, not even… Read More »

GDPR guest star at Politecnico University

Aula Magna packed and great audience interest on 17/1 for the conference dedicated to GDPR by the Information Security & Privacy Observatory of Politecnico University in Milan. In his introduction Alessandro Piva (Observatory Director) has anticipated some results of the Research that will be presented on 2/2, which shows the breadth and diversity of threats,… Read More »

Will SME comply to GDPR?

Comments seem to appreciate the GDPR: consulting companies think of the huge amount of services that top enterprises will require; tech vendors follow. Here is the point: large banks, top insurances, international B2C operators, Telcos, large internet players, these are the ones that are expected to comply. Or to have to comply. But this is… Read More »