Data Protection Bites 3/2019




Cybersecurity requirements and good practice according to the European and Polish regulations

Recently introduced EU legal acts such as the GDPR (General Data Protection Regulation) or the NIS (Network and Information Systems) Directive or the Polish Cybersecurity Act require for their correct and complete implementation not only legal knowledge, but also a great deal of technical expertise. For this reason, since the beginning of this year Rödl & Partner has expanded its service portfolio to include new auditing and advisory services in the field of IT systems and application security.

The GDPR regulates in detail certain areas of data protection but allows for some additional measures to be taken by Member States. As a result, Finland adopted the Data Protection Act (1050/2018) (fin Tietosuojalaki). The law came into force on 1st January 2019 and repealed the Personal Data Act, which was the prior main piece of domestic legislation regulating data protection.


Development of the Internet of Things in Russia

Ministry of Communications and Mass Media of the Russian Federation plans to approve the concept of (Internet of things) IoT development in Russia. Such concept provides that law enforcement authorities will be able to access information stored on IoT platforms. Moreover, closed network will be established in the Russian Federation to protect the Russian segment of the IoT.

Implementation of the GDPR in Russia

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, alternatively known as General Data Protection Regulation (hereinafter referred to as “Regulation” or “GDPR”) took effect on 25 May 2018.



Latvian Data Protection Supervisory Authority

Data State Inspectorate (DSI) has released an overview regarding current situation with GDPR awareness among the entrepreneurs in the Republic of Latvia.



Privacy in healthcare

Italian Data Protection Authority, in its memo of March 7, 2019, has provided clarifications for attending to the complete definition of the regulatory framework in the health sector that will take place through the adoption of specific guarantee measures and deontological rules (articles 2-septies and 2 quarter Codice privacy).
Click here to read the full article » 



Data Protection Impact Assessment (DPIA)

The competent supervisory authority in Spain has submitted its draft list to the European Data Protection Board (EDPB) in accordance with article 35 paragraph 4 of the GDPR. On 12th March the EDPB has adopted Opinion 3/2019 which includes the amendments to be done to our final list in order to maintain consistency with other european countries as regards to the processing operations subject to the requirement of a Data Protection Impact Assessment.

Click here to read the full article » 


Contact Person Picture

Avv. Rita Santaniello


+39 02 6328841
+39 02 63288420

Invia richiesta

Contact Person Picture

Avv. e Head of Data Protection Italy Nadia Martini

+39 02 6328841
+39 02 63288420

Invia richiesta

 Data Protection Bites

Our newsletter aims at collecting updates, news and insights on data protection matters worldwide, with a special focus on the GDPR. Read all releases »
Utilizziamo i cookies per personalizzare il sito web e offrire all’utente un servizio di maggior valore. Tra le diverse finalità, i cookies ci permettono di analizzare il percorso di navigazione dell’utente per migliorarne l’esperienza sul sito web. Continuando a navigare su questo sito accetta la politica sui cookie. Ulteriori informazioni sono contenute nostra informativa privacy.
Deutschland Weltweit Search Menu