Onlangs publiceerde de Autoriteit Persoonsgegevens (AP) de “Jaarrapportage meldplicht datalekken 2021”, met een verontrustende stijging van datalekken als gevolg van cyberaanvallen. Naast het voorkomen van datalekken is het zeer belangrijk om te weten hoe te handelen in het geval van een datalek. In deze blog lees je wat je moet doen in het geval van een datalek en hoe PrivacyPerfect hierbij kan helpen.
Given the strange situation we all find ourselves in at the moment, with so many people suddenly
working from home for the first time, organizations have little time to prepare for the consequences that may arise from increased risk of cyber attacks and data breaches. All the data they have is not where it perhaps should be or protected to the same extent as it is normally. It is likely that many employees will continue to work from home for many months, if not forever.
Digital transformation is and has been the focus of many organisations in the last couple of years, including those of the healthcare sector. This shift brings with it new, additional aspects for all areas, a major one being data protection. In the healthcare sector, where a huge amount of sensitive personal data is being processed on a daily basis, protection of this data has to be of top priority, with strict procedures, access controls, and guidelines on privacy. As such, compliance with the GDPR, within digitized care and cure organisations, is crucial. Let’s take a look at how you can ensure compliance for your healthcare organisation without disrupting the efficiency of your work.
While the news media today is often reporting on security incidents and data breaches that happen due to external threats such as cyberattacks, internal data breaches can pose just as big of a risk for organisations. As it’s common practice that several internal stakeholders hold access to various personal data handled by their organisation, the risk of a potential internal incident is quite high. So, how can you reduce the risks?
The GDPR highlights that data subjects need to be given the right to be informed about the gathering and the use of their personal data. Organisations are encouraged to fulfill this obligation through a privacy statement, that informs individuals in a clear and easily understandable manner on how their personal data is gathered and processed by the organisation. At the same time, organisations often find challenges in creating the perfect privacy statement as narrowing down a huge variety of complex legal information is not a task for the faint hearted. Furthermore, with the enforcement of the GDPR, previous privacy statements also had to be readjusted. So, what do organisations need to keep in mind for creating the perfect privacy statement, and what benefits it holds to have one, besides compliance?
This is the story of one cold December for Jamie, and his data conscious filled adventure. He started the month with his Christmas shopping, all the discounts and all the best offers about - he grabbed them all, without a hint of any doubt. From the latest headphones, to pants, a new pair of white sneakers, and even some living room plants. He realised one important thing, after all that almost effortless buying, he’d not just been spending money here and there, he’d been giving his data - with almost nothing to spare.
It’s a rainy Thursday morning and I’ve just got into my driverless cab. I’d usually miss it, but because the cab now knows the average time I take to get ready, there is no actual way I could miss one. It knows where I need to go, what time I need to be there and also the preferred route I want, all through a 0.2 second scan of my thumb’s fingerprint. During my ride, I listen to the playlist made for me specially for this Thursday. It was made instantly as I typed in the first two words that came to my mind this morning. It can be any literally any word, isn’t that fun? It knows what music I want to listen to, the length of the songs I like, the mix of genres I prefer, and it also predicts the exact moments I would get bored of the song and automatically removes it from the playlist - only to replace it with an absolute banger of a song I was thinking about giving a listen to.
Data breach. Two words you just don’t want to hear after a long week. It’s finally the Friday afternoon you’d been waiting for. Weekend plans with the family, the clock has just hit 16:00, and the weather isn’t as bad as predicted. Yet, here you are, after conducting a DPIA, finding yourself in a situation where you have a mere 72 hours to handle a whole breach. In this blog post, we will discuss your options, and provide you with support to handle this procedure seamlessly.
The age old question we ask ourselves on what we receive, is to what we have to give up in order to have it. Will data become the new aspect we give up in order for tech in the health field progress? With new ways to help improve the lives of millions of people who potentially can be at their most vulnerable, personal data continues to be of major importance in health progression. At the same time, it begs the question: what will happen if business and ethics clash as a result of bettering healthcare?
New cookie guidance, joint controllership status due to social media plugins, and tech companies spying on you through their digital assistants - they might be listening when you ask Google or Siri for the route back home from France. The weeks from the 20th of July to the 10th of August were hectic. Instead of going through piles of news around data privacy from the summer months, get quickly caught up by looking at a summary of the most important happenings in this short blog post, the second of a three piece series, focusing on the last two summer months.