- data protection, GDPR, legal, privacy
We had a great event February 2017 with several experts advising members on how to comply with the newest data privacy regulations as well as protect against cyber attacks. More on that event here.
Participants were interested in further information about this topic, and DABF member Tonny Rabjerg from Codesealer, which delivers “INVISIBLE END-TO-END WEB SECURITY, protecting against Man-in-the-Middle/Browser, without user installation”, kindly prepared for us this short article with links.
- This first resource gives very good insight into the new EU GDPR regulation and what can be expected regarding local Danish adoption. The final recommendation is expected end April 2017 for approval in government Nov 2017 (and final deadline for implementation May 25, 2018).
- Both IT-B (IT Association) and DI-Digital have created some good guidelines to the regulation
- http://di.dk/Virksomhed/Produktion/IT/itsikkerhed/personoplysninger/Pages/Vejledningompersondataforordningen.aspx (really good!)
- Two articles written by Tonny about EU GDPR (in Danish)
Another good resource on how small companies should implement the new laws, comes from FDIH, the Danish E-commerce Association, through an excellent 3-hour course they do periodically (in Danish) called Bliv klogere på den nye persondataforordning. You can inquire about their upcoming events here.
- From FDIH: “I skal have fuldstændig styr på, hvilke persondata I behandler, hvor de kommer fra og om data deles med andre. I skal have beskrevet jeres interne instrukser for behandling af persondata, procedurer for sletning, sikkerhedsprocedurer osv. I skal også beskrive, hvordan I vil håndtere henvendelser fra de registrerede, hvis de vil have indsigt i oplysninger, have oplysninger slettet, eller have oplysninger overført til andre mm”
And regarding the US Privacy Shield, more information can be found here:
- “The EU-U.S. Privacy Shield is a robust new system to protect the personal data of Europeans and ensure legal certainty for businesses. It brings stronger data protection standards that are better enforced, safeguards on government access, and easier redress for individuals in case of complaints. The new framework will restore the trust of consumers when their data is transferred across the Atlantic”
- https://www.privacyshield.gov/welcome: how to comply with data protection requirements when transferring personal data from the European Union to the United States
- https://www.privacy-europe.com/blog/privacy-shield-adopted-mean-businesses/: The Privacy Shield principles include notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access and recourse, enforcement and liability. Businesses adopting the principles are bound by them from the moment of self-certification.