Tag Archives: Data Protection Officer

The role of Data Protection Officer in an healthcare organisation

The health data are processed in a technological domain very complex, often influenced by the presence of exceptions. These exceptions to the standard management processes add cost, complexity and redundancy in the system, worsening the proper functioning of healthcare organizations. The regulatory environment also does not provide the appropriate tools to attack the critical issues… Read More »

DPO: better a service or an employee?

The Regulation 2016/679 (GDPR) introduces a new role: the Data Protection Officer (DPO). Mandatory for some categories of Controllers and Processors and optional for the remaining ones (see article 37), the DPO plays a peculiar role within the controller’s organization. The GDPR defines the main DPO tasks (article 39 for details): inform and advice …, monitor… Read More »

DPO – Information document of the Italian Privacy Authority

The Italian Authority for the protection of personal data has prepared an updated version of the information document about the figure of the Data Protection Officer provided by the GDPR, in the version amended following the political agreement between the European co-legislators (European Parliament and EU Council). This information document is available at the following link: http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4791784

Coming soon: Jan. 29 2016 the first meeting on GDPR

Europrivacy.info is organizing a meeting to start talking and working on the recently approved text of the GDPR on January 29 in Milan. This is just a “save the date”: more info will follow soon.

The DPO is back again

Data Protection Officer is mandatory, again. Article 35 of the latest version of GDPR states that “The controller and processor shall designate a data protection officer in any case where: […] “. To clearly understand which controllers and processors are included in such categories, the local language versions – and perhaps some comments – are needed. Controller… Read More »

Same Old Stories?

Do you remember the old fashioned DPS (Documento Programmatico per la Sicurezza)? When it was removed from the minim​um​ required measures, the Italian Regulator didn’t mean that companies could abandon the analysis over ​the ​different kinds of data processing, the definition of the inherent risks and the measures to mitigate them. ​Actually, companies ​merely aiming to formally ​satisfy requirements… Read More »

DPO duties and indipendence

In the last version of the Privacy Regulation, the DPO role is not compulsory but an option for Data Controllers. The DPO is mandatory for all organizations of the European Union (agencies). The last version of the Regulation made the certification an option. Organizations willing to be certified should appoint a manager to lead the project… Read More »

Is DPO recent downgrade a real understatement?

Is the DPO role requirement downgrade, out of the recent EP position and Council General Approach (15/06/2015), a real understatement or a need for an intermediate shorter but common step ahead for all Member States? The Data Protection matter seems affected by annoyance and embarrassment both on the side of single individuals, which should feel themselves… Read More »

Data Protection Officer

The controller and the processor shall designate, where applicable, a Data Protection Officer (DPO) on the basis of professional qualities and, in particular,  knowledge and experience on data protection law and practices, and ability to fulfil the assigned tasks .  The controller (or the processor) shall ensure that the Data Protection Officer is properly and timely involved… Read More »