Tag Archives: Organization

The relevance of the data Protection Officer role and it’s position within an organization

The data protection officer (“DPO”) is an essential component of a data privacy accountability framework, playing a crucial role in enabling organizations to ensure, and to demonstrate, data Privacy compliance. The role of the DPO is formally recognized and its responsibilities described  in the General Data Protection Regulation proposed by the European Commission (the “Regulation”).… Read More »

An international Privacy culture

The recent scandal of the data theft suffered by Canadian extramarital dating website Ashley Madison astonished and continues to create consequences; nearly 10 GBs of data stolen by a hacker group and containing highly sensitive information about the private life of the users involved, whose lives have been however inevitably affected only for being part… Read More »

Is DPO recent downgrade a real understatement?

Is the DPO role requirement downgrade, out of the recent EP position and Council General Approach (15/06/2015), a real understatement or a need for an intermediate shorter but common step ahead for all Member States? The Data Protection matter seems affected by annoyance and embarrassment both on the side of single individuals, which should feel themselves… Read More »

Planning for new General DP Regulation

As the GDPR progresses along its path, the program to comply with the new discipline has to be envisaged. Such program shall surely be complex for the impacts that the new regulation is going to have on organization, processes and technologies. Preliminarily there are two basic questions that need to find answers: Which is the… Read More »

DPO and digital transformation. Comments on EU Council decisions

The EU Council’s proposal for the Personal Data Protection Regulation approved on the 11th of June makes the DPO no longer mandatory for anyone. What did it mean for the DPO to be mandatory in the previous versions of the forthcoming Personal Data Protection Regulation? The digital transformation, or however you may call the big changes in our lives… Read More »

New EU Regulation requires a more structured approach to personal data security

The New Regulation, through the art. 30 and 33, implicitly stresses the concept of “process for security management”, imposing an holistic and risk-based approach to the protection of personal data that takes into account important technological and behavioral changes happened in the last few years (Cloud, Big Data, Social Networks, right to oblivion, right to data… Read More »

Data Protection Officer: professional skills and requirements

Pursuant to article 35 c. 5 of the General Data Protection Regulation (Regulation COM(2012)11), Data Protection Officer (DPO) must have professional qualities and, in particular, expert knowledge of data protection law and practices and ability to fulfill the tasks referred into the following article 37. This would means that the level of required expert knowledge… Read More »