VIDEO: 3G in the workplace – everything you need to know about the Corona protection regulation and its data protection
Recently, the Corona traffic light has been on red throughout Bavaria, bringing with it stricter regulations for infection control. The regulations applicable to each stage were not adjusted again to the worsening infection situation in the Free State until 05.11.2021 with the Ordinance Amending the Fourteenth Bavarian Infection Control Measures Ordinance.
Read more … VIDEO: 3G in the workplace – everything you need to know about the Corona protection regulation and its data protection
The European Union is striving to reduce traffic-related CO2 emissions. Accordingly, it has issued limit values & a new EU implementing regulation for permissible CO2 emissions for vehicles – the EU 2021/392 implementing regulation.
Read more … VIDEO: Implementing Regulation (EU) 2021/392 – Data protection and the CO2 data transfer.
Our last video article covered the topic of “The role of the data protection officer in the company”. Now, of course, the same question arises for the data protection coordinator. In this video contribution, we will illustrate to you what a data protection coordinator actually is, what his areas of responsibility are and how he is related to the data protection officer.
Read more … VIDEO: The role of the data protection coordinator
The job and especially the role of a data protection officer combined with the tasks behind it are an important part of a company. But how does a company come to appoint a data protection officer?
Establishment of Technical and Organizational Measures – The NRW Data Protection Supervisory Authority Recommends the Defense-In-Depth Approach
According to the requirements of the General Data Protection Regulation, every form of data processing must be protected by technical and organizational measures. Implementing this requirement is not easy in practice, but requires comprehensive planning. This is particularly true when introducing a new processing operation. The basic requirement for safeguarding every processing operation is set out in Article 32 of the General Data Protection Regulation. This states that the selection of specific security measures must be based on the expected risk and its probability of occurrence, but also on the circumstances of the data processing and the implementation costs.
Read more … Establishment of Technical and Organizational Measures – The NRW Data Protection Supervisory Authority Recommends the Defense-In-Depth Approach
“Knowledge is power” and knowledge about potential prospects and customers is of enormous value. Data trading has therefore been a flourishing industry for years.
Read more … Personal data as the currency of the 21st century
The data processing operations, which are becoming more and more complex as a result of globalization, are a challenge for many companies, not least in terms of data protection law. The fact that data processing does not take place centrally, but often takes place internationally scattered in a transmission chain, requires a close look at the possibilities for legitimation. It is therefore necessary to take a closer look at the new standard contractual clauses and what options they offer. In the following article, the topic of the so-called onward transfer of personal data between processors outside the EU is to be examined. In contrast to transmission, further transmission means the transfer of data from one processor to another processor.
Read more … International Data Transfers – Scope of the New Standard Contractual Clauses
Video surveillance is used by many companies. This has, for example, economic reasons, as video surveillance is more cost-efficient than a guard service. At the same time, companies have to deal with the permissibility of the video surveillance used. Within the scope of our activities, as external data protection officers, we support companies in all data protection issues. This also includes the topic of “video surveillance and data protection”. In this blog post, we explain which requirements must be met in order to operate a video surveillance system in compliance with data protection law.
Non-compliant publication of photos in brochure – employee receives compensation of € 5,000 for pain and suffering
Competent employees are a figurehead for successful companies. It is therefore standard practice for websites and other advertising materials to show photos of employees. As a ruling by the Münster Labor Court (Case No. 3 Ca 391/20) dated March 25, 2021 makes clear, data protection requirements must not be disregarded. The defendant employer was ordered to pay € 5,000 in damages for pain and suffering due to the publication of a photo of her employee without her written consent, Section 82 (1) of the GDPR, as it was a photo publication that did not comply with the GDPR. The defendant had used a picture of the plaintiff in a context related to her skin color in violation of the GDPR.
Read more … Non-compliant publication of photos in brochure – employee receives compensation of € 5,000 for pain and suffering
von Das Team der aigner business solutions GmbH
Hardly a week goes by without headlines about successful cyber attacks on companies. Not only large corporations, but also more and more small and medium-sized companies are the targets of cyber attacks. Regardless of whether the human factor is used as the attack vector or whether attacks are carried out directly on IT systems, the economic damage is enormous in most cases. In order to prevent such attacks, it is clear that a large number of IT security measures must be implemented in the company. The subject of IT and information security is complex and often not manageable. For this reason, organizations often ask themselves how one can initially approach such a complex topic in practice. Find out more about the first and, above all, essential steps to improve your information and IT security in our blog article.