Tag Archives for "compliance"

Polish DPA’s guidance on data protection in the workplace partially “controversial”

The Polish data protection authority (‘UODO’) issued, on 4 October 2018, guidance for employers on data protection in the workplace, under the General Data Protection Regulation (‘GDPR’), following a public consultation on the same. In particular, the Guidance focuses on the processing of employee data during recruitment, selection and the employment period, and distinguishes between different types of employment contracts, such as those concerning temporary and permanent workers.

Full article: Poland: UODO’s guidance on data protection in the workplace partially “controversial”

First significant GDPR fines in the pipeline

The European Data Protection Supervisor, Giovanni Buttarelli, says that we can expect to see DPAs take enforcement action soon. He said the sanctions will be imposed in many EU countries and will hit many companies and public administrations but declined to provide details because investigations were still ongoing.

Source: First significant GDPR fines in the pipeline – Privacy Laws & Business

German Lawyer Sanctioned Due to Incomplete GDPR Policy

An interim injunction has been issued by Würzburg Regional Court against a lawyer who displayed an unfinished Privacy Policy on her firm’s website, which also included an unencrypted and unprotected contact form. Reaction to the ruling has been mixed: the sanction for the unfinished GDPR policy was understandable, but the ruling regarding the unencrypted form was more confusing, as this does not affect the transfer of information.

Source: German Lawyer Sanctioned Due to Incomplete GDPR Policy – Compliance Junction

UK DPA releases data protection self-assessment checklist for sole traders

The ICO has launched a self-assessment checklist that will help sole traders and self-employed individuals to assess their compliance with new data protection laws. The checklist is aimed at improving understanding of data protection and making sure sole traders are keeping people’s personal data secure. It shows sole traders how compliant they are by generating a rating based on their responses and provides handy links to relevant ICO guidance and further information. It also includes practical suggestions of how to stay in line with the law.

Source: New data protection self-assessment checklist for sole traders | ICO

Social Media poses biggest data breach threat

Following the amount of airtime devoted to scandals from Facebook / Cambridge Analytica to Google+, it may come as no surprise that social media platforms pose the biggest danger when it comes to data breaches. Gemalto’s latest Breach Level Index, which keeps a record of the world’s public data breaches, points the finger firmly at social platforms, which accounted for over 56% of the 4.5bn pieces of information that were put into jeopardy through the first six months of this year.

Full article: Social Media poses biggest data breach threat

GDPR complaints stack up across the EU as regulators prepare to issue fines

It’s almost five months since Europe’s General Data Protection Regulation (GDPR) went into effect. Meanwhile, EU member states start to tally up GDPR complaints. Numbers have started rolling in from data protection authorities across Europe. As one of the first companies to be warned by a DPA, French startup Teemo might prove that regulators are more interested in keeping companies in line than collecting fees – once Teemo brought itself into compliance, the CNIL considered the issue closed.

Full article: GDPR complaints stack up across the EU as regulators prepare to issue fines – MarTech Today

EDPB Adopts Opinions on National DPIA Lists in the EU

The European Data Protection Board (“EDPB”) recently published 22 Opinions on the draft lists of Supervisory Authorities (“SAs”) in EU Member States regarding which processing operations are subject to the requirement of conducting a data protection impact assessment (“DPIA”) under the EU General Data Protection Regulation (“GDPR”).

Full article: EDPB Adopts Opinions on National DPIA Lists in the EU

MEPs demand a full Facebook audit by EU bodies

EU bodies should be allowed to fully audit Facebook to assess data protection and security of users’ personal data, said Civil Liberties MEPs on Wednesday.

MEPs take note of the privacy improvements undertaken by Facebook after the Cambridge Analytica scandal, but recall that the company has not yet carried out the promised full internal audit. They recommend that the company makes “substantial modifications to its platform” to comply with EU data protection law.

Source: Facebook: MEPs demand a full audit by EU bodies to assess data protection | News | European Parliament

GDPR Readiness Survey for Software and SMEs

The GDPR Readiness Survey for Software and SMEs will show you the latest approach taken by entrepreneurs to comply with the GDPR. In this GDPR Readiness Survey, 100 different software companies and startups of varying sizes, ranging from 1-250 employees, were surveyed.

50% of respondents indicated they managed GDPR compliance internally without the consultation of an external body or an external lawyer. 42% of respondents contacted a lawyer to advise on GDPR compliance.

52% of survey respondents believed that they are fully GDPR compliant.

Full article: GDPR Readiness Survey for Software and SMEs
