61 results

  • Ransomware

    Personal data breaches: protect yourself against ransomware

    Ransomware is a significant cyberthreat to personal data in both SMEs and large companies. We tell you how to protect yourself.

    Read more

  • 2019-09-11-gears

    Privacy Engineering

    The National Institute of Standards and Technology (NIST) defines privacy engineering as: A specialization within systems engineering focused on providing the guidelines necessary for reducing risks affecting privacy and enabling organizations to take fundamental decisions in relation to the...

    Read more

  • security

    Personal data breaches: what they are and how to respond

    In this blog post we intend to define what a personal data breach is, how an organisation should prepare to respond to one, how to act if one arises and when notification must be given to the AEPD and data subjects.

    Read more

  • 2019-10-02-seguridad

    Data breaches: protect yourself against the loss or theft of a portable device

    In this blog entry we will demonstrate some measures such as device encryption to limit damage when portable devices such as a laptop computer, a smartphone, a tablet or an external storage device, are lost or stolen.

    Read more

  • 2019-11-15-cifrado

    Encryption and Privacy: Encryption in the GDPR

    The use of encryption or encryption techniques or cryptographic techniques is a basic security element in the information policy of an agency and, more precisely, it is one of the additional guarantees that may be used to reduce the risk in personal data processing.

    Read more

  • Herramienta Gestiona

    Do you know Gestiona?

    The AEPD has developed a tool to enable those companies and public entities that process high-risk personal data to conduct a risk analyses and impact assessments.

    Read more

  • Criptografía y Privacidad II

    Encryption and Privacy II: Lifespan of personal data

    Within the framework of a processing, when selecting an encryption system, it must be considered that the options available have different characteristics; therefore, it is necessary to analyse and choose the most appropriate encryption system for the product or service in which it will be...

    Read more

  • Brechas de seguridad

    Data breach: communication to the data subject

    During 2019, more than twenty million communications of data breaches were made directly from controllers to citizens, for which the latter have benefited from the obligation established in the GDPR to communicate breaches to the supervisory authority and, where appropriate, to the data subjects...

    Read more

  • Consentimiento

    Consent receipt: A tool for transparency and proactive accountability

    The consent is only one of the six lawful bases on which controllers can process personal data. However, for this to be valid, a series of requirements must be met and, in addition, controllers must be able to prove that the interested party consented to the processing of personal data.

    Read more