Electronic patient records (ePA) in Germany From 2025, people covered by health insurance will be able to use the electronic patient records, (ePA in German), voluntarily and free of charge. This record can digitally gather information about the person’s medical history in a single place. Patients will decide how long someone is granted access to […]
Tag: data subject access requests
Guide to managing Data Subject Access Requests (DSARs) efficiently, including compliance, best practices, and obligations under the GDPR and other data privacy laws. Learn more about GDPR compliance and how TechGDPR can help you on your journey.
Guide to managing Data Subject Access Requests (DSARs) efficiently, including compliance, best practices, and obligations under the GDPR and other data privacy laws. Learn more about GDPR compliance and how TechGDPR can help you on your journey.
Data protection digest 17 Sep – 1 Oct 2024: EU Data Act as an illustration of the GDPR ‘prevail’ principle
How does the EU Data Act interact with the GDPR? The Data Act will become applicable in the EU starting on 12 September 2025. In the runup, the European Commission has published an FAQ on the new legislation. Together with the Data Governance Act, it enables a fair distribution of value by establishing clear rules […]
Data protection digest 18 Aug – 2 Sep 2024: Swiss-US data transfers, BCR guide, Clearview AI fine
In this digest issue, we explore the latest Clearview AI fine, the secure Swiss-US data transfers, the data controller’s violation of the GDPR as subject to collective actions, the privacy risks of e-shop apps, and a new privacy policy generator and BCR monitoring tool. Stay up to date! Sign up to receive our fortnightly digest […]
Data protection digest 18 Jun – 2 Jul 2024: end-to-end algorithmic audit, DPOs for small business, Vinted fine
In this issue we look at an end-to-end algorithmic audit, Vinted multimillion fine, Meta and Apple AI projects frozen in the EU, the fight against addictive feeds to minors in the US, and the Avanza Bank and Meta Pixel error case. Stay up to date! Sign up to receive our fortnightly digest via email. End-to-end […]
Data protection digest 3 – 17 Apr 2024: non-material damage dilemma when losing control of your data
In this issue, an alternative to the pay or okay consent model, the right for compensation for non-material damage, FISA reauthorisation and GDPR enforcement procedural rules updates, AI development and personal data… Stay tuned! Sign up to receive our fortnightly digest via email. Non-material damage under the GDPR In one of its recent decisions the […]
Data protection digest 18 Feb – 2 Mar 2024: web browsing data for sale, banking sector outsourcing, cybersecurity core 2.0
This issue highlights how web browsing data, non-anonymised according to America’s FTC, was sold worldwide in the Avast/Jumpshot case, the EDPB’s new enforcement action on the right of access, cloud outsourcing in the banking sector, the NIST’s new cybersecurity framework for all organisations, and federated learning analysis. Stay tuned! Sign up to receive our fortnightly […]
Data protection digest 3-16 Feb 2024: Sneakily changing terms of service and privacy policy won’t help your business
In this issue, you will find that America’s FTC is warning against retroactively changing terms of service or privacy policy. Palantir running the NHS’s new data platform in the UK, and envisaged changes to the EU GDPR enforcement framework and new dispute resolution mechanisms are also in focus. Sign up to receive our fortnightly digest […]
Data protection digest 18 Dec – 2 Jan 2024: EDPB says too early to revise GDPR, cross-border enforcement challenge ahead
In this issue, you will find the main trends in data privacy that 2024 will inherit from last year. The main areas of concern include GDPR modernisation and cross-border enforcement, the fair use of AI, international data transfers, the balance between data security and the data-driven economy, as well as children’s privacy online. Regulatory updates […]
Data protection digest 2 – 17 Dec 2023: scoring of individuals, EU data consolidation, and the ‘Internet of Behaviours’
In this issue, the EU legislators moved closer to the implementation of a digital data strategy to provide European organisations with the ability to grow and compete globally. Despite the transformative effects, civil societies and cohorts of experts warn that such consolidation of European data can undermine individual data protection rights. EU regulators and courts […]
Data protection digest 2 – 17 October 2023: DPOs duties and methodology should be clarified – latest study
This issue highlights DPOs duties in the context of ongoing compliance with the GDPR, and the continuing saga of the US adequacy decision. Also of note are monitoring and privacy issues in the workplace. Official guidance DPOs duties: The Swedish data protection agency published the results of a coordinated investigation, initiated by the EDPB, on […]