Risk Assessment Personal data protection should be the cornerstone of risk assessments for organisations. The Polish regulator UODO came to this conclusion after investigating a ransom attack in a children’s clinical hospital in Białystok. Access to IT systems was blocked, which resulted in a breach of confidentiality and availability of personal data of approximately 2,000 […]
Tag: data subject access requests
Guide to managing Data Subject Access Requests (DSARs) efficiently, including compliance, best practices, and obligations under the GDPR and other data privacy laws. Learn more about GDPR compliance and how TechGDPR can help you on your journey.
Guide to managing Data Subject Access Requests (DSARs) efficiently, including compliance, best practices, and obligations under the GDPR and other data privacy laws. Learn more about GDPR compliance and how TechGDPR can help you on your journey.
Seven Actionable Steps to Achieve GDPR Compliance for E-Commerce Businesses
GDPR compliance helps businesses to ensure transparency, build customer trust, enhance data security, and avoid fines of up to €20 million or 4% of turnover. Many companies such as Amazon, LinkedIn, Clearview, and Netflix among others, have faced significant fines due to data protection failures. E-commerce businesses process large amounts of personal data, including contact […]
Data protection digest 18 Apr – 2 May 2025: data controller obligation to monitor deletion or return of personal data held by the processor
Data controller obligation Upon termination of a processing agreement, the controller is obliged to monitor the deletion of personal data held by the processor. Such was a ruling by the Higher Regional Court of Dresden, Germany, closely looked at by a DLA Piper analysis. The plaintiff was a user of the online music streaming service […]
Data protection digest 18 Mar – 2 Apr 2025: 23andMe bankruptcy case, digital spring cleaning
23andMe genetic data The 23andMe genetic company filed for bankruptcy in the US after struggling with weak demand for its ancestry testing kits and a 2023 data breach that damaged its reputation, Reuters reports. US officials had questioned what would happen to the genetic data collected by 23andMe, although the company’s privacy policies state that […]
Data protection digest 16-30 Jan 2025: The intersection of information and operational technologies in the health sector
EU Health sector The Commission presented an EU Action Plan to improve health sector cybersecurity. It will include hospitals, clinics, care homes, rehabilitation centres, various healthcare providers, the pharmaceutical, medical and biotechnology industries, medical device manufacturers, and health research institutions. A significant challenge for the cybersecurity of the health sector is the intersection of information […]
Data protection digest 16-31 Dec 2024: citizens’ privacy awareness is on the rise, yet attitude relies on income and obligations
Citizens’ privacy awareness: According to the latest survey by the Lithuanian data protection authority, a larger share of the public can correctly name an institution, (other than courts), that would help protect their rights in personal data protection. The regulator’s name, (VDAI), was indicated by 29% of respondents. 15% of respondents believe that they have […]
Data protection digest 16-30 Nov 2024: Electronic patient records as a holistic picture of your health?
Electronic patient records (ePA) in Germany From 2025, people covered by health insurance will be able to use the electronic patient records, (ePA in German), voluntarily and free of charge. This record can digitally gather information about the person’s medical history in a single place. Patients will decide how long someone is granted access to […]
Data protection digest 17 Sep – 1 Oct 2024: EU Data Act as an illustration of the GDPR ‘prevail’ principle
How does the EU Data Act interact with the GDPR? The Data Act will become applicable in the EU starting on 12 September 2025. In the runup, the European Commission has published an FAQ on the new legislation. Together with the Data Governance Act, it enables a fair distribution of value by establishing clear rules […]
Data protection digest 18 Aug – 2 Sep 2024: Swiss-US data transfers, BCR guide, Clearview AI fine
In this digest issue, we explore the latest Clearview AI fine, the secure Swiss-US data transfers, the data controller’s violation of the GDPR as subject to collective actions, the privacy risks of e-shop apps, and a new privacy policy generator and BCR monitoring tool. Stay up to date! Sign up to receive our fortnightly digest […]
Data protection digest 18 Jun – 2 Jul 2024: end-to-end algorithmic audit, DPOs for small business, Vinted fine
In this issue we look at an end-to-end algorithmic audit, Vinted multimillion fine, Meta and Apple AI projects frozen in the EU, the fight against addictive feeds to minors in the US, and the Avanza Bank and Meta Pixel error case. Stay up to date! Sign up to receive our fortnightly digest via email. End-to-end […]
- 1
- 2
- 3
- 4
- Next Page »
Do you need support on data protection, privacy or GDPR? TechGDPR can help.
Request your free consultation