THE PRIVACYPERFECT BLOG

Healthcare institutions and GDPR compliance in a digital world

May 7, 2020 2:33:10 PM / by PrivacyPerfect posted in EU, Data Privacy, Data Protection, Data Security, DPO, Data Protection Officer, GDPR Controller, gdpr2020, healthdata, healthcare

Digital transformation is and has been the focus of many organisations in the last couple of years, including those of the healthcare sector. This shift brings with it new, additional aspects for all areas, a major one being data protection. In the healthcare sector, where a huge amount of sensitive personal data is being processed on a daily basis, protection of this data has to be of top priority, with strict procedures, access controls, and guidelines on privacy. As such, compliance with the GDPR, within digitized care and cure organisations, is crucial. Let’s take a look at how you can ensure compliance for your healthcare organisation without disrupting the efficiency of your work.

Read More

How can your organisation recover after a personal data breach?

Apr 30, 2020 1:00:00 PM / by PrivacyPerfect posted in EU, Data Breach, DPO, Data Protection Officer, Data Controlling, Reputation, gdpr, gdpr2020

Since the enforcement of the GDPR approximately two years ago, over 160,000 breaches have been reported from across the EU. In the Netherlands alone, almost 27,000 data breaches were reported in 2019 - a 29% increase compared to the year before. Personal data breaches happen both due to external threats and internal security incidents, and both are on the rise. Given these figures and the large amount of personal data collected by organisations, even if the necessary safeguards are in place, the odds of a data breach happening within your organisation is quite high. So, what if a personal data breach does happen, how can you make sure that your organisation recovers from it quickly and well?

Read More

Why internal data breaches happen and how to reduce the risk of one

Apr 9, 2020 9:46:32 AM / by PrivacyPerfect posted in EU, Data Protection, Data Breach, Data Security, Personal Data, gdpr2020

While the news media today is often reporting on security incidents and data breaches that happen due to external threats such as cyberattacks, internal data breaches can pose just as big of a risk for organisations. As it’s common practice that several internal stakeholders hold access to various personal data handled by their organisation, the risk of a potential internal incident is quite high. So, how can you reduce the risks? 

Read More

GDPR Easy Read: Are CISOs facing even more challenges?

Mar 31, 2020 3:13:51 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Privacy, Data Protection, ciso, GDPR Easy Read

As a Chief Information Security Officer, you hold a vital role in protecting your organisation's most valuable data as well as their reputation. With experts suggesting the numbers of cyberattacks and data breaches to increase in the upcoming years, your role as a CISO could prove even more decisive. Recent reports have suggested that in the ever-growing pressure CISOs are met with, many are bridging cybersecurity and data privacy together.

This includes keeping up with the EU's GDPR and the numerous obligations it provides. As you continue to establish your organisation's visions, strategies and programs to ensure information assets are properly protected, how are you bridging data privacy compliance with cybersecurity? 

Read More

All you need to know about Data Processing Agreements

Mar 19, 2020 4:04:37 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Protection, DPO, Data Protection Officer, GDPR Controller, GDPR Processor, GDPR Reputation, gdpr, DPA, gdpr2020

One way or another, almost all organisations rely on third parties for processing personal data in today’s digital world, creating a direct need for data processing agreements (DPA). Even the tools that are considered to be the basic necessities in business, such as email clients, CMS systems, data storage servers, or website analytics, all process personal data on behalf of organisations. With the introduction of the GDPR, there are strict requirements and guidelines on how this can be done in a compliant manner, through signed DPAs between the organisation (the data controller) and any party that acts as a data processor on their behalf. But what are Data Processing Agreements (DPAs), are they really necessary for you, what do they look like, and who needs to be involved from within your organisation? 

Read More

How can organisations create the perfect privacy statement?

Feb 20, 2020 5:31:59 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Compliance, Data Security, Personal Data, GDPR Controller, gdpr2020

The GDPR highlights that data subjects need to be given the right to be informed about the gathering and the use of their personal data. Organisations are encouraged to fulfill this obligation through a privacy statement, that informs individuals in a clear and easily understandable manner on how their personal data is gathered and processed by the organisation. At the same time, organisations often find challenges in creating the perfect privacy statement as narrowing down a huge variety of complex legal information is not a task for the faint hearted. Furthermore, with the enforcement of the GDPR, previous privacy statements also had to be readjusted. So, what do organisations need to keep in mind for creating the perfect privacy statement, and what benefits it holds to have one, besides compliance?

Read More

What benefits and opportunities does data minimisation hold for businesses?

Feb 19, 2020 12:54:25 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Privacy, Data Breach, GDPR For Tech Companies, gdpr, gdpr2020, data minimisation

Back when the GDPR was still within the adaptation phase, data-driven organisations and public bodies that process personal data on a large scale found the new obligation of data minimisation to be a rather vague obstacle. The GDPR states that personal data shall be adequate, relevant, and not excessive in relation to the purpose or purposes for which they are processed, but this concept still often poses challenges for some firms. At the same time, data driven organisations continue to process and gather personal data on a large scale, where data minimisation could prove that ‘bigger’ might not necessarily always mean ‘better’: after over a year since the EU privacy regulation’s enforcement, we have now learned that data minimisation actually holds several benefits for organisations that decide to embed it into their practices. Before we start looking into what data minimisation can look like in practice, let’s take a look into what this concept entails exactly according to the GDPR. 

Read More

How can GDPR compliance efforts benefit you as an NGO?

Jan 31, 2020 8:00:00 AM / by PrivacyPerfect posted in EU, GDPR Compliance, GDPR for SMEs, Reputation under GDPR, Marketing under GDPR, GDPR for Marketers, DPIA, gdpr2020, NGO

The GDPR applies to organisations and public bodies of all types, that collects and processes personal data belonging to individuals residing in the EU/EEA, charities and NGOs are also obligated to comply with the EU’s privacy regulation. As NGOs and charities handle an abundance of sensitive data, it’s important to take appropriate safeguards in order to avoid GDPR fines and cyberthreats. Numerous research has indicated that the GDPR has helped companies with an increase of consumer trust, but what does this mean for NGOs specifically in terms of potential benefits?

GDPR_Compliance_NGO

Read More

Data Breaches: The Business Risk of the Decade

Jan 23, 2020 4:00:00 PM / by The Trust Bridge posted in EU, Data Privacy, Data Protection, GDPR Fines, Data Breach, gdpr, gdpr2020

Working across the information space in both the private, not for profit and the public sector, The Trust Bridge Senior Consultant, Carol Tullo, has seen the ecosystem of data policy expand and collide with the world of information rights. Carol states that “So many of us operating in this field have balanced the advantages of the open flow of data with the tensions in the safety and compliance safeguards that we expect, be it as individuals, family units or businesses” The access, storage and tracking of personal data has changed our worlds. Protecting our data and our individual profiles is what data protection is all about. This is not new.  

Data_breaches_business_risk_decade-1

Read More

GDPR Compliance is Becoming a Key Point for Brands

Jan 16, 2020 4:10:42 PM / by PrivacyPerfect posted in EU, GDPR Compliance, Data Privacy, Data Protection, Compliance, GDPR for SMEs, Reputation, Reputation under GDPR, GDPR For Tech Companies, Marketing, Marketing under GDPR, gdpr 2019

Reports have indicated that people have become increasingly critical about their data on how it's stored and what it is being used for. It has become paramount that businesses take the extra steps in ensuring a secure and privacy compliant way of handling such personal data. As pressure heaps on businesses and brands to adopt this data privacy centered culture, why is it vital for brands to use compliance to their advantage, and not see it as a burden?
gdpr_compliance_benefit_for_brands

Read More

    Lists by Topic

    see all
    harmas_Rajztábla 1-1
    Keep informed!
    Sign up to the Weekly GDPR Digest now.