Agency Blog

Agency Blog

RSS
10 results
  • coronavirus , covid-19 , cybersecurity , privacy , data protection , GDPR , deadline suspension , obligations
    The critical situation caused by the COVID-19 pandemic at a global level has forced us to change our habits radically, to adopt social distancing measures and to use teleworking tools in order to continue performing professional tasks....
  • accountability , interoperatibilidad , Transparencia , trazabilidad , consentimiento , responsabilidad proactiva
    The consent is only one of the six lawful bases on which controllers can process personal data. However, for this to be valid, a series of requirements must be met and, in addition, controllers must be able to prove that the interested party consented to the processing of personal data....
  • During 2019, more than twenty million communications of data breaches were made directly from controllers to citizens, for which the latter have benefited from the obligation established in the GDPR to communicate breaches to the supervisory authority and, where appropriate, to the data subjects....
  • Within the framework of a processing, when selecting an encryption system, it must be considered that the options available have different characteristics; therefore, it is necessary to analyse and choose the most appropriate encryption system for the product or service in which it will be integr...
  • The AEPD has developed a tool to enable those companies and public entities that process high-risk personal data to conduct a risk analyses and impact assessments....
  • The use of encryption or encryption techniques or cryptographic techniques is a basic security element in the information policy of an agency and, more precisely, it is one of the additional guarantees that may be used to reduce the risk in personal data processing....
  • In this blog entry we will demonstrate some measures such as device encryption to limit damage when portable devices such as a laptop computer, a smartphone, a tablet or an external storage device, are lost or stolen....
  • In this blog post we intend to define what a personal data breach is, how an organisation should prepare to respond to one, how to act if one arises and when notification must be given to the AEPD and data subjects....