Post by account_disabled on Feb 27, 2024 3:38:38 GMT -5
There are still many unclear aspects of the GDPR, the new acronym that has been shaking the pulses of entrepreneurs, consultants and public entities for a few weeks and which will come into full force starting from May 25, 2018 . The new General Data Protection Regulation (in English “General Data Protection Regulation” – EU Regulation 2016/679), launched by the European Union in 2016 with the aim of standardizing and regulating the processing of personal data within countries members, is in fact accompanied by doubts and uncertainties, which concern its content, the methods of adaptation and even the start date of the application. To better orient ourselves within the new provisions and the requirements that must be met to be in compliance , we contacted the lawyer Francesco De Sanzuane to whom we asked a few questions. Q: Some key words emerge from the European Regulation such as: privacy by design, accountability, data breach, data portability, data protection officer. Let's try to explain the content of the GDPR 2018 starting from the latter? A: Of course, let's start with privacy by design , which helps us give some general information.
Specifically, this concerns Article 25 of the GDPR which states that, depending on Panama mobile number list the nature, context and purposes of the processing, the Data Controller is required to implement measures (technical, organisational, pseudonymisation , etc.) and the tools that can protect data effectively, also with reference to their minimization - i.e. the minimum reduction of the quantity of data requested. In other words, privacy by design is nothing other than the adaptation of the data collection procedure to the quality of the data or to the type of user who turns to the portal and means that: when designing a specific action or online system, for example a marketing campaign with user data collection, the company (or the agency or public body that sets it up) will have to try to predict the risk of data breach of the data itself, the reception flow (from where does it arrive: online or offline?) and the quality of the data (is it "only" personal data, such as name, surname and email, or even sensitive data such as biometric data, for example). Once you've identified these elements, you can design the interface or whatever tool you want to use to collect the data.
2018 risk xessment It is therefore necessary for it to be a proactive study , with which to prevent problems that may arise in data management, considering privacy as a central factor of the project when designing a portal or a specific online action and also considering a procedure to minimize the data received . The basic idea of the Regulation is, in fact, that there is as much as possible a contraction of the data that is processed, also to the advantage of the company itself which, having less data, consequently has fewer obligations to comply with and therefore fewer tasks, with also a cost optimization of the entire process. It is then always mandatory to understand how long it is necessary to manage this data before deleting it. It is clear that privacy by design is much more stringent for those who work on the internet than for those who work offline. And accountability , what is it? It is another principle introduced by the Regulation and very linked to privacy by design: some have translated it as " responsibility ": this term refers to the xessment that the owner must make in order to then be able to organize himself in the best possible way and guarantee the safety of the personal data, obviously in compliance with the regulation.
Specifically, this concerns Article 25 of the GDPR which states that, depending on Panama mobile number list the nature, context and purposes of the processing, the Data Controller is required to implement measures (technical, organisational, pseudonymisation , etc.) and the tools that can protect data effectively, also with reference to their minimization - i.e. the minimum reduction of the quantity of data requested. In other words, privacy by design is nothing other than the adaptation of the data collection procedure to the quality of the data or to the type of user who turns to the portal and means that: when designing a specific action or online system, for example a marketing campaign with user data collection, the company (or the agency or public body that sets it up) will have to try to predict the risk of data breach of the data itself, the reception flow (from where does it arrive: online or offline?) and the quality of the data (is it "only" personal data, such as name, surname and email, or even sensitive data such as biometric data, for example). Once you've identified these elements, you can design the interface or whatever tool you want to use to collect the data.
2018 risk xessment It is therefore necessary for it to be a proactive study , with which to prevent problems that may arise in data management, considering privacy as a central factor of the project when designing a portal or a specific online action and also considering a procedure to minimize the data received . The basic idea of the Regulation is, in fact, that there is as much as possible a contraction of the data that is processed, also to the advantage of the company itself which, having less data, consequently has fewer obligations to comply with and therefore fewer tasks, with also a cost optimization of the entire process. It is then always mandatory to understand how long it is necessary to manage this data before deleting it. It is clear that privacy by design is much more stringent for those who work on the internet than for those who work offline. And accountability , what is it? It is another principle introduced by the Regulation and very linked to privacy by design: some have translated it as " responsibility ": this term refers to the xessment that the owner must make in order to then be able to organize himself in the best possible way and guarantee the safety of the personal data, obviously in compliance with the regulation.