Tag Archives: risk evaluation

Terminology differences between D.lgs 196/2003 and GDPR Regulation (EU) 2016/679

One of the benefits introduced by GDPR is about conforming the terminology at European level. But it is verifiable a disadvantage related to the figures involved, leaving the Italian scheme of D. Lgs. 196/2003 and considering the linguistic difference.                Lgs.196/2003                  … Read More »

The Health Technology Assessment (HTA) approach

Give the citizen a reliable health data, secure and easy to use is not possible without an overview of all the business processes. These can be standardized and simplified if the critical issues are identified, evaluated and removed. In the conduct of information security governance, healthcare organizations can make use of the methodological approach of… Read More »

A risk assessment model regarding the personal data processing in electronic communications

Announcing the publication in the “La Comunicazione – Note, Recensioni e Notizie” magazine 2015 (Istituto Superiore delle Comunicazioni e delle Tecnologie dell’Informazione) of an article : Un modello per la valutazione dei rischi relativamente al trattamento dei dati personali nelle comunicazioni elettroniche (A risk assessment model regarding the personal data processing in electronic communications) by Alberto… Read More »

Coming soon: Jan. 29 2016 the first meeting on GDPR

Europrivacy.info is organizing a meeting to start talking and working on the recently approved text of the GDPR on January 29 in Milan. This is just a “save the date”: more info will follow soon.

The French Data Protection Authority publishes its PIA manual

New guides for carrying out PIAs (Privacy Impact Assessments) have been published by the CNIL. The method will help data controllers to implement Privacy by design. A PIA (Privacy Impact Assessment) relies on two pillars: – The fundamental principles and rights, “non-negotiable”, fixed by law and that have to be complied with. They may -not… Read More »

About security of the processing

The Amendment 124, Proposal for a regulation, Article 30 states: 1.  The controller and the processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risks represented by the processing, taking into account the results of a data protection impact assessment (…), having regard to the state of the art and… Read More »