Tag Archives: DPO

A checklist to adapt to GDPR

Adapting to GDPR can be a rather complex task: it is a substantial Regulation composed of 99 articles and 173 recitals. I thought it useful, at least for me, to elaborate a reasoned summary, which directs the mental process to see if and how to adjust business procedures to achieve compliance. As with all summaries, of course,…

Terminology differences between D.lgs 196/2003 and GDPR Regulation (EU) 2016/679

One of the benefits introduced by GDPR is the harmonization of terminology at European level. However, there is a disadvantage concerning the figures involved, when moving away from the Italian scheme of D.Lgs. 196/2003 and considering the linguistic difference. …

DPO: the responses of the Privacy Authority to frequently asked questions

Here are the answers of the Privacy Authority to frequently asked questions about the DPO (pursuant to Art. 37 of Regulation (EU) 2016/679). Below are the links in both Italian and English: http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/5930300 http://ec.europa.eu/information_society/newsroom/image/document/2016-51/wp243_annex_en_40856.pdf Please find below answer n. 10, which in my opinion integrates and responds to the discussion that followed the…

Data Protection Officer, close to a unified certification scheme … and more

After more than a year of work, the draft of a national UNI/UNINFO standard defining profiles and competences of data protection and processing professionals reached its final public inquiry stage. One of the declared goals is to bring common, shared rules to avoid a “far west” effect on a market already crowded by proprietary initiatives,…

Relevance and cost of the Data Protection Officer in healthcare organizations

The legislation establishes data protection as a general problem of high priority, and obliges organizations to address data protection seriously and consciously, outlining the tools and strategies to organize themselves coherently and do their part to counter this risky situation. The GDPR defines an approach for the creation of a system in which information security is…

GDPR guest star at Politecnico University

A packed Aula Magna and great audience interest on 17/1 for the conference dedicated to GDPR by the Information Security & Privacy Observatory of Politecnico University in Milan. In his introduction, Alessandro Piva (Observatory Director) previewed some results of the Research that will be presented on 2/2, which shows the breadth and diversity of threats,…

BODY IN CHARGE OF VIGILANCE AND CONTROL AND PRIVACY ROLES: GENERAL EVALUATION AND FIRST CONSIDERATIONS ON DPO’S PROCESSINGS.

Giancarlo Butti has proposed the interesting topic of identifying the role assigned to bodies in charge of vigilance and control within instances of personal data processing; these bodies are by their nature independent of the entity they supervise, even when they are part of it. Among them, Butti has chosen as an example the Organismo di…

WP29 announces a “handbook” for the GDPR

The Article 29 Working Party spokeswoman Isabelle Falque-Pierrotin has set a challenging goal for her team: to publish later this year a handbook for the practical application in companies of the changes introduced by the new European General Data Protection Regulation. The guidelines are necessary because “there are ambiguities in GDPR”. Clarifications have also been promised…