Author Archives: Giancarlo Butti

About Giancarlo Butti

Deals with ICT, organization and legislation since the early 80s covering different roles: security manager, project manager, auditor at banking groups, consultant in security and privacy to companies of different sectors and sizes. Performs regular activity of dissemination through articles (over 700), books (21 between books and white papers also used as university texts, 11 collective works within the ABI LAB, Oracle Community for Security and CLUSIT), technical manuals, courses, seminars, conferences… participates in working groups to ABI LAB on Business Continuity, Risk and GDPR, ISACA-AIEA on GDPR and 263, Oracle Community for Security, UNINFO, ASSOGESTIONI and the Committee of experts for the innovation of OMAT360. He is a member of the faculty of ABI Training. He is a partner and proboviro of ISACA-AIEA Member of CLUSIT and BCI. He is certified (LA BS7799), (LA ISO IEC 27001:2013), CRISC, ISM, DPO, CBCI, AMBCI.

The butcher and privacy

In the past few days, a picture circulating around showed a poster in a butcher shop that said: In our butchery, we could sometimes ask your name and remember your tastes in terms of meat. If this annoys you, please enter shouting: “I deny my consent”. From now on, we’ll pretend not to know you.… Read More »

DPO

Less than a month before the GDPR  coming  into force, it happens more and more often to see discussions, both online and during conferences, about the DPO’s role, its skills and competencies  , its operational activities, the fact that she/he can or can’t do his job effectively in the company where the GDPR has been… Read More »

DATA RETENTION POLICY

One of the most discussed topics in conferences and workshops is the proper management of personal data retention periods. Tha fact that this topic generates such an interest is actually an anomaly. In fact, the GDPR doesn’t introduce any innovation (except for sanctions) to the current privacy legislation, which rules at article 11 that data… Read More »

PRIVACY LAWS

My job allows me to attend many diverse workshops and events on GDPR. My overall impression is that most of the attendees have never really read a privacy legislation text, whether it’s the current legislation or the GDPR. This state of things is quite detrimental because the questions asked are often absolutely irrelevant (for instance,… Read More »