Blog
Filters
65 results
-
Notification of personal data security breaches during the state of alarm
The critical situation caused by the COVID-19 pandemic at a global level has forced us to change our habits radically, to adopt social distancing measures and to use teleworking tools in order to continue performing professional tasks. This has led to an increase in risks and threats that take...
Read more
-
Phishing Campaigns Regarding The Coronavirus
The alert situation caused by the coronavirus at a global level is a dangerous breeding ground for phishing attacks, which are being carried out internationally through instant messaging services, e-mail and any social media. Cybercriminals always try to take advantage of situations of fear and...
Read more
-
Consent receipt: A tool for transparency and proactive accountability
The consent is only one of the six lawful bases on which controllers can process personal data. However, for this to be valid, a series of requirements must be met and, in addition, controllers must be able to prove that the interested party consented to the processing of personal data.
Read more
-
Data breach: communication to the data subject
During 2019, more than twenty million communications of data breaches were made directly from controllers to citizens, for which the latter have benefited from the obligation established in the GDPR to communicate breaches to the supervisory authority and, where appropriate, to the data subjects...
Read more
-
Encryption and Privacy II: Lifespan of personal data
Within the framework of a processing, when selecting an encryption system, it must be considered that the options available have different characteristics; therefore, it is necessary to analyse and choose the most appropriate encryption system for the product or service in which it will be...
Read more
-
Do you know Gestiona?
The AEPD has developed a tool to enable those companies and public entities that process high-risk personal data to conduct a risk analyses and impact assessments.
Read more
-
Encryption and Privacy: Encryption in the GDPR
The use of encryption or encryption techniques or cryptographic techniques is a basic security element in the information policy of an agency and, more precisely, it is one of the additional guarantees that may be used to reduce the risk in personal data processing.
Read more
-
Data breaches: protect yourself against the loss or theft of a portable device
In this blog entry we will demonstrate some measures such as device encryption to limit damage when portable devices such as a laptop computer, a smartphone, a tablet or an external storage device, are lost or stolen.
Read more
-
Personal data breaches: what they are and how to respond
In this blog post we intend to define what a personal data breach is, how an organisation should prepare to respond to one, how to act if one arises and when notification must be given to the AEPD and data subjects.
Read more