von Kathrin Weigl
We draw this conclusion clearly from the published concept of the German supervisory authorities, which provides information on how they intend to measure the GDPR fine for data protection violations in the future.
von Nadja-Maria Becke
The GDPR meets practice. At the data protection day in Cologne on September 24th, 2019, experts discussed concrete implementation experiences with the new regulations. A surprising amount is still open. The point of contention is, in particular, the obligation to report data breaches.
Read more … Data protection day in Cologne shows: there is still uncertainty when reporting data breaches
von Carola Aigner
The second European Payment Services Directive (PSD2), which applies within the EU and contains both regulatory and civil law elements, has been in full effect since September 14, 2019. What does this mean? What exactly is to be observed? What effects does PSD2 have on data protection for payment data? You can find out in the article.
Read more … Second European Payment Services Directive PSD2 (Payment Services Directive 2)
von Carolin Bauer
If an employee is suspected of committing a crime, this presents a company with major challenges. Important points must also be observed in internal investigations with regard to employee data protection.
Read more … Employee data protection in the event of criminal offenses
von Andreas Ofner
Here in Germany there are some legal bases or guidelines that require a company to record individual work steps. So z. B. in data protection law, tax law or in quality management. But is there a synergy or overlap in the documentation requirement in this context? We take a closer look at the process documentation according to the GoBD.
Read more … Behavioral documentation according to the GoBD – synergies between data protection law and tax law
von Tobias Damasko
A backup is often the last resort when it comes to loss of data or encryption by an extortion trojan. In order to make the backup GDPR-compliant, the handling of deletion requests should be included in the backup and restore concept in accordance with Art. 17 GDPR.