Publication: Digital Guardian
Author: Nate Lord
Quoted: Donna Taylor
27 security pros discuss how GDPR will impact information security teams globally.
https://digitalguardian.com/blog/gdpr-compliance-infosec-impact-2018
Industry insights and thought-provoking analysis…
Publication: Digital Guardian
Author: Nate Lord
Quoted: Donna Taylor
27 security pros discuss how GDPR will impact information security teams globally.
https://digitalguardian.com/blog/gdpr-compliance-infosec-impact-2018
Publication: Digital Guardian
Author: Ellen Zhang
Quoted: Donna Taylor
22 cloud security experts reveal top benefits cloud computing brings to information security teams today.
The role and responsibilities of the Data Protection Officer (DPO) in helping an entity to comply with the European Union General Data Protection Regulation (EU GDPR) presents unique challenges in-and-of-itself. However, it also requires a unique working relationship both internally and externally in order to avoid conflicts of interest. This post will explore the delicate balance that must be struck by the DPO in being simultaneously employed by an entity, while maintaining an appropriate distance and autonomy from that same entity in the performance of his/her duties. Although employed by the entity that collects, stores, and processes data, the DPO’s ultimate loyalty is owed to the Data Subject.
Continue reading “EU GDPR: The Special Role and Responsibilities of the DPO”
In a previous post I highlighted and analyzed various aspects of the European Union General Data Protection Regulation (EU GDPR) and provided a summary of my recommendations. This post will more fully explore some of them specifically. My recommendations are listed in sequential order, because it’s crucial that those responsible for the protection of EU citizens’ data take-the-lead in the development and execution of their firm’s protocols. This is true whether an entity is required to hire/assign a Data Protection Officer (DPO) or gives the responsibility to the Data Controller. It is also important to note that recent court rulings have shown an increasing willingness to hold individuals responsible, not merely the firms for which they work.
Continue reading “EU GDPR: Recommendations for Data Protection Compliance”
The European Union General Data Protection Regulation (EU GDPR) was adopted on 27 April 2016 and will go into effect on 25 May 2018. Halfway through this “transition period,” few companies are prepared to address the enhanced data protection requirements outlined in the Reg. Confusion about, and interpretation of, any document with legal effect presents challenges to those impacted by it. This is especially true when the stakes are so high.
It is vital to understand the definitions contained within the European Union General Data Protection Regulation (EU GDPR) in order to comply with the provisions; this is true for any document with legal effect. While it is tempting to assume the meaning of a word or phrase, it would be unwise to guess at it. Therefore, I have created this blog post to identify and define within the meaning of this Reg certain key words and phrases. This posting may prove useful as you read my other blogs related to the EU GDPR.