fbpx

Download free GDPR compliance checklist!

Tag Archives for " Germany "

Woman dies during a ransomware attack on a German hospital

It could be the first death directly linked to a cybersecurity attack. Experts have been warning for years that this would happen.

A woman in Germany died during a ransomware attack on the Duesseldorf University Hospital, in what may be the first death directly linked to a cyberattack on a hospital. The hospital couldn’t accept emergency patients because of the attack, and the woman was sent to a health care facility around 20 miles away.

The cyberattack was not intended for the hospital. he ransom note was addressed to a nearby university. The attackers stopped the attack after authorities told them it had actually shut down a hospital.

Source: Woman dies during a ransomware attack on a German hospital – The Verge

German DPA Publishes Schrems II Transfer Compliance Checklist and Suggested Modifications to SCCs

On August 24, 2020, the data protection authority of the German state of Baden-Württemberg published guidance on international transfers of personal data following the Schrems II judgment.

This represents the first comprehensive guidance by a European privacy supervisor indicating how it intends to enforce the Schrems II decision. As well as including a Schrems II compliance checklist, it provides some recommendations on modifying the Standard Contractual Clauses to allow the parties to document their intent to act in accordance with the law.

Source: German DPA Publishes Schrems II Transfer Compliance Checklist and Suggested Modifications to SCCs

Government ordered to rewrite German telecom act due to privacy concerns

Germany’s Constitutional Court has told the government to revise the Telecommunications Act by the end of next year as it violates the right of citizens to phone and internet privacy.

The law at present is unconstitutional because authorities have too much access to people’s data and the privacy of Germans should be better protected, the court ruled.

Source: Government ordered to rewrite German telecom act due to privacy concerns – PrivSec Report

Germany Prepares New Law for Patient Data Protection

On 3 July 2020, the German parliament passed a draft bill for patient data protection and for more digitalisation in the German healthcare system (Patientendaten-Schutz-Gesetz). The draft bill is currently in the legislative procedure and is expected to enter into force in autumn 2020.

One of the main objectives of the bill is to make everyday life easier for patients and healthcare professionals by increasing use of innovative digital applications, while protecting sensitive health data.

Source: Germany Prepares New Law for Patient Data Protection and Increased Digitalisation in Healthcare and for “Data Donations” for Research Purposes

1 Google victory in German top court over right to be forgotten

A German court has sided with Google and rejected requests to wipe entries from search results. The cases hinged on whether the right to be forgotten outweighed the public’s right to know.

The court ruled that whether links to critical articles have to be removed from the search list always depends on a comprehensive consideration of fundamental rights in the individual case.

Source: Google victory in German top court over right to be forgotten | Germany| News and in-depth reporting from Berlin and beyond | DW | 27.07.2020

Germans hand police too much data, court rules

German authorities have too much access to people’s internet and mobile phone data and laws must be rewritten as they are unconstitutional, a court says.

The federal Constitutional Court in Karlsruhe has ruled that the privacy of Germans should be better protected. Police investigating crimes or trying to prevent terror attacks are currently allowed to access names, addresses, birth dates and IP addresses.

Source: Germans hand police too much data, court rules – BBC News

CJEU to decide on right of consumer protection associations and competitors to sue under GDPR

The Federal Court of Justice (BGH) has submitted to the Court of Justice of the European Union (CJEU) the question whether consumer protection associations or competitors are authorised to initiate a civil action in case of infringements of the General Data Protection Regulation (GDPR).

In this preliminary ruling procedure, the CJEU will have to decide whether, among other provisions, Art. 80 GDPR is in conflict with member state law which allows consumer protection associations and competitors to take action against infringements of the GDPR irrespective of the violation of subjective rights of individuals and without a mandate from the data subject.

Source: GERMANY: Right of consumer protection associations and competitors to initiate civil actions under GDPR will be case for CJEU

German Mass Surveillance Abroad is Ruled Unconstitutional

In a landmark decision, the German Constitutional Court has ruled that mass surveillance of telecommunications outside of Germany conducted on foreign nationals is unconstitutional.

In its press release about the decision, the court found that the privacy rights of the German constitution also protects foreigners in other countries and that the German intelligence agency, Bundesnachrichtendienst (BND), had no authority to conduct telecommunications surveillance on them.

The court also decided that as currently structured, there was no way for the BND to restrict the type of data collected and who it was being collected from. Unrestricted mass surveillance posed a particular threat to the rights and safety of lawyers, journalists and their sources and clients.

Source: Victory! German Mass Surveillance Abroad is Ruled Unconstitutional

Germany′s data chief tells ministries WhatsApp is a no-go

Germany’s data privacy chief has told federal bodies not to use WhatsApp, amid concerns that it feeds Facebook with data. Ulrich Kelber said it appeared that the government has failed to establish enough safe services.

The Düsseldorf newspaper Handelsblatt said Kelber, previously a Social Democrat (SPD) federal parliamentarian, was reacting to complaints from citizens about the use of WhatsApp by unnamed federal authorities.

Source: Germany′s data chief tells ministries WhatsApp is a no-go | News | DW | 17.05.2020

German Federal Agencies Publish Privacy and IT Security Requirements for Digital Health Applications

On April 21, 2020, the Regulation on the Requirements and Reimbursement Process for Digital Health Applications (DiGAV) entered into force in Germany.

Among other provisions, the DiGAV includes specific IT security and privacy requirements. Shortly after the law took effect, Germany’s Federal Medicines and Medical Devices Agency (“BfArM”) also released an extensive explanatory Guidance to the DiGAV.

While the scope of application of the DiGAV and the BSI draft guidance may be limited, the documents can serve to provide useful insights and benchmarks for health applications generally.

Full article: German Federal Agencies Publish Privacy and IT Security Requirements for Digital Health Applications

1 2 3 10
>