How does the GDPR define legitimate interest? Does the legitimate interest legal base cover company interests only or can it also include third parties interests? There is no precise definition under the GDPR of what constitutes a legitimate interest and this precisely opens the room for a controller to argue that certain business activities, for […]
Category: Regulation
A Comparison of POPIA and GDPR in Key Areas
South Africa’s Protection of Personal Information Act (POPIA) will see its final sections go into effect on 30 June 2021. Furthermore, parties subject to POPIA must be fully compliant with the guidelines by 1 July 2021. A number of them may have a head start if they already adhere to established data protection guidelines such […]
HIPAA, the GDPR and MedTech
There are different regulations on how medical data can be processed and stored in different nations. If your company operates in the MedTech sector in the Western world most likely you have at least heard of HIPAA or the GDPR. This article aims at analysing how both legislations relate to healthcare. The article is particularly […]
Response to the GDPR-relevant points in the German Blockchain Strategy of September 2019
On September 12, the German Federal Ministry of Economy and Energy, and the German Federal Ministry of Finance published the German Federal Blockchain Strategy (German, PDF). After analysing the statements relating to Data Protection and GDPR, here is some high level response to the key points. Blockchain Strategy Implementation Principles [p5] “IT-Sicherheit und Datenschutz […]