Information security, data protection and IT security are three terms that are often used in the same context in everyday life, but have different meanings. The corresponding measures usually go hand in hand, but data protection, data security and IT security have very different priorities. All three areas are of crucial importance within a company. You can find out what is important in detail and what the specific differences are in the blog article.
Read more … Information security, IT security and data protection – terms simply explained
The judgment of the European Court of Justice, which determined the ineffectiveness of the Privacy Shield Agreement between the European Union and the USA (Schrems II), did not go unnoticed in the USA either. In response, the US Department of Commerce has now published a white paper on data protection risk analysis as part of data export to the USA.
Read more … Response to Schrems II judgment US Department of Commerce publishes white paper
von Das Team der aigner business solutions GmbH
Hardly a week goes by without headlines about successful cyber attacks on companies. Not only large corporations, but also more and more small and medium-sized companies are the targets of cyber attacks. Regardless of whether the human factor is used as the attack vector or whether attacks are carried out directly on IT systems, the economic damage is enormous in most cases. In order to prevent such attacks, it is clear that a large number of IT security measures must be implemented in the company. The subject of IT and information security is complex and often not manageable. For this reason, organizations often ask themselves how one can initially approach such a complex topic in practice. Find out more about the first and, above all, essential steps to improve your information and IT security in our blog article.
von Das Team der aigner business solutions GmbH
In today’s digital age in particular, it is important that companies take sufficient technical and organizational measures to protect personal data in accordance with GDPR.
From a factual point of view, absolute protection must be rejected. Nevertheless, there are measures that almost certainly prevent personal data from reaching unauthorized persons unhindered. In this blog article, we answer how protection is to be guaranteed.
According to Article 32 GDPR, technical, organizational measures are prescribed measures to ensure the security of the processing of personal data.
Read more … GDPR explained simply: TOMs – technical-organizational measures
In our blog article “ISMS – simply explained, Part 1: The importance of an ISMS for your company,” we have already described what you have to look out for when introducing an ISMS. In this blog article we introduce you to risk management as an essential component for the successful introduction of an ISMS. The task of risk management is to determine the company risks and to disclose their possible effects on your company and to treat them accordingly.
Read more … ISMS – simply explained Part 2: Risk management as an essential part of the ISMS
In order to successfully implement an information security management system (ISMS) in a company, every company needs an information security officer (ISB). In this article we show you the extensive tasks of the ISB.
You just have to know what to look for! In our video we address the most important questions.
Read more … Data protection and marketing – what do you have to consider?
According to the concept of Art. 6 Para. 1 GDPR, all possible legal bases for data processing are equally valid. When examining the legality of data processing, the necessity to execute a contract (Art. 6 Paragraph 1 lit. . f GDPR). Nevertheless, the data protection law approval according to Art. 6 Para. 1 lit. a GDPR continues to be popular and is often viewed as the legal basis of choice.
However, if you would like data processing in your company to be based on consent, a few important points must be observed. Particularly with the supposedly easy-to-use declaration of consent, problems lurk in detail which, if not observed, can lead to unlawful data processing.
Read more … Consent under data protection law – avoid mistakes and pitfalls
The so-called “Schrems2” judgment of the ECJ, with which the US-EU Privacy Shield was overturned, is currently stirring up data protection officers and companies. In the video you can find out everything you currently need to know about the EU-US Privacy Shield. We’ll also tell you what to look out for in the company!
Read more … The EU-US Privacy Shield – everything you need to know about the Schrems 2 judgment in the video!
von Rainer Aigner
It took a long time, but now it actually happened that the Austrian lawyer Max Schrems brought the data transfer to the USA before the ECJ again. He was right again. The so-called “Schrems2” judgment of the ECJ, with which the US-EU Privacy Shield was overturned, is currently stirring up data protection officers and companies. In our blog article and video you will find out everything you currently need to know about EU-US privacy. We’ll also tell you what to look out for in the company!
Read more … Data transfer to the USA: an endless story with a lot of risk – current! The US-EU Privacy Shield