Posts

Datenschutzbußgeld aufgrund Verstöße von Art. 38 & 39 DSGVO - verhängt von der Datenschutzaufsichtsbehörde Luxemburg - Datenschutz - Daten - Bußgeld - Data protection - Datenschutzbeauftragter - Datenschutzkoordinator - DSB - DSK - Aufsichtsbehörde - Datenschutzgrundverordnung - DSGVO - BDSG neu - TTSDG

VIDEO: Data protection fine due to breaches of Art. 38 & 39 GDPR – imposed by the data protection supervisory authority Luxembourg

During an audit of a company, deficiencies in the implementation of Art. 38 and Art. 39 GDPR were identified and a fine of 15,000 euros was imposed.
Read more

Die 10 wichtigsten Neuerungen/Regelungen des TTDSGs - TTDSG - Datenschutz - Telekommunikationsgesetzt - TGK - Telemediendatenschutzgesetz - Personenbezogene Daten - Auftragsverarbeiter - Web - Webvideokonferenzsysteme - Zoom - Teams - Webex

VIDEO: The 10 most important innovations/regulations of the TTDSG

The new Telecommunications Telemedia Data Protection Act came into force on 01.12.2021. You can find out everything you need to know about the new law in our YouTube video.
Read more

Bußgeldverfahren wegen unzureichender Einbindung des Datenschutzbeauftragten – DSB muss stets richtig und umfassend eingebunden werden!

GDPR fine – fine proceedings due to insufficient involvement of the data protection officer

The Luxembourg data protection authority has imposed a GDPR fine in several cases on companies that fail to meet its standards for the position of data protection officers (DPOs) and is tightening its requirements for DPOs in the process. German authorities could follow these requirements.
Read more

3G am Arbeitsplatz - alles Wissenswerte zur Corona Schutzverordnung und deren Datenschutz

VIDEO: 3G in the workplace – everything you need to know about the Corona protection regulation and its data protection

Recently, the Corona traffic light has been on red throughout Bavaria, bringing with it stricter regulations for infection control. The regulations applicable to each stage were not adjusted again to the worsening infection situation in the Free State until 05.11.2021 with the Ordinance Amending the Fourteenth Bavarian Infection Control Measures Ordinance.
Read more

VIDEO: Durchführungsverordnung (EU) 2021/392 - Datenschutz und die CO2-Datenübermittlung

VIDEO: Implementing Regulation (EU) 2021/392 – Data protection and the CO2 data transfer.

The European Union is striving to reduce traffic-related CO2 emissions. Accordingly, it has issued limit values & a new EU implementing regulation for permissible CO2 emissions for vehicles – the EU 2021/392 implementing regulation.
Read more

Durchführungsverordnung EU 2021/392 - Datenschutz und die CO2 Datenübermittlung

Implementing Regulation (EU) 2021/392 – Data protection and the CO2 data transfer

One of the special challenges of a data protection officer is to be allowed to deal with what at first glance appear to be non-technical issues directly from practice. The Implementing Regulation EU 2021/392 on the monitoring and reporting of data on CO2 emissions from passenger cars and light commercial vehicles certainly falls into this area.

Read more

Die

VIDEO: The role of the data protection coordinator

Our last video article covered the topic of “The role of the data protection officer in the company”. Now, of course, the same question arises for the data protection coordinator. In this video contribution, we will illustrate to you what a data protection coordinator actually is, what his areas of responsibility are and how he is related to the data protection officer.
Read more

Videobeitrag - Video - Datenschutz - Rolle - Rolle des Datenschutzbeauftragten - Datenschutzbeauftragte - DSB - DSGVO - intern - extern - BDSG - BDSG neu

VIDEO: The role of the data protection officer

The job and especially the role of a data protection officer combined with the tasks behind it are an important part of a company. But how does a company come to appoint a data protection officer?
Read more

Aufbau Technischer und Organisatorischer Maßnahmen - Die Datenschutzaufsichtsbehörde NRW empfiehlt den Defense-In-Depth-Ansatz

Establishment of Technical and Organizational Measures – The NRW Data Protection Supervisory Authority Recommends the Defense-In-Depth Approach

Securing data processing

According to the requirements of the General Data Protection Regulation, every form of data processing must be protected by technical and organizational measures. Implementing this requirement is not easy in practice, but requires comprehensive planning. This is particularly true when introducing a new processing operation. The basic requirement for safeguarding every processing operation is set out in Article 32 of the General Data Protection Regulation. This states that the selection of specific security measures must be based on the expected risk and its probability of occurrence, but also on the circumstances of the data processing and the implementation costs.

What my Defense-In-Depth approach

The Defense-In-Depth approach is the multi-layered design of a security system to defend against attacks. The decisive factor here is that no single, isolated security measure is taken. Rather, multiple measures must be combined in such a way that if one measure fails or is overcome, the other measures compensate for the gap and continue to ensure the security of data processing.

This system was developed for military purposes, with a different objective in detail, and then applied to the concept of information security.

However, this risk-based approach can also be applied when planning comprehensive protection of data processing operations.

Data protection supervisory authority recommends defense-in-depth approach

In its annual report presented on August 31, 2021, the State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia now points out the fundamental importance of the defense-in-depth approach for securing data processing. Thus, using a number of practical examples, it explained that errors leading to a breach of personal data protection can occur at any time. According to the state commissioner, this could happen even without the intention of those responsible. For this reason, the defense-in-depth approach has become established in practice. (https://www.ldi.nrw.de/mainmenu_Aktuelles/Inhalt/26_-Bericht/26_-Bericht-LDI-NRW.pdf P. 156)

 

If you have any questions regarding the technical and organizational safeguarding of your processing operations, please do not hesitate to contact your team at aigner business solutions GmbH. Simply use our contact form for this purpose. You can also reach us by phone at our headquarters in Hutthurm on +49 (0) 8505 91927 – 0 or at our branch office in Munich on +49 (0) 89 413 2943 – 0.

Jedes zehnte Cookie-Banner verstößt gegen geltendes Recht

Every tenth cookie banner violates applicable law

This is the result of a review of nearly 1000 websites by consumer centers and consumer associations. As reported by their federal association on 17.09.2021, several consumer centers and associations have checked the websites to see whether they use cookie banners in compliance with the law.

Read more