Blog
Filters
68 results
-
Personal data breaches: protect yourself against ransomware
Ransomware is a significant cyberthreat to personal data in both SMEs and large companies. We tell you how to protect yourself.
Read more
-
Privacy Engineering
The National Institute of Standards and Technology (NIST) defines privacy engineering as: A specialization within systems engineering focused on providing the guidelines necessary for reducing risks affecting privacy and enabling organizations to take fundamental decisions in relation to the...
Read more
-
Personal data breaches: what they are and how to respond
In this blog post we intend to define what a personal data breach is, how an organisation should prepare to respond to one, how to act if one arises and when notification must be given to the AEPD and data subjects.
Read more
-
Data breaches: protect yourself against the loss or theft of a portable device
In this blog entry we will demonstrate some measures such as device encryption to limit damage when portable devices such as a laptop computer, a smartphone, a tablet or an external storage device, are lost or stolen.
Read more
-
Encryption and Privacy: Encryption in the GDPR
The use of encryption or encryption techniques or cryptographic techniques is a basic security element in the information policy of an agency and, more precisely, it is one of the additional guarantees that may be used to reduce the risk in personal data processing.
Read more
-
Do you know Gestiona?
The AEPD has developed a tool to enable those companies and public entities that process high-risk personal data to conduct a risk analyses and impact assessments.
Read more
-
Encryption and Privacy II: Lifespan of personal data
Within the framework of a processing, when selecting an encryption system, it must be considered that the options available have different characteristics; therefore, it is necessary to analyse and choose the most appropriate encryption system for the product or service in which it will be...
Read more
-
Data breach: communication to the data subject
During 2019, more than twenty million communications of data breaches were made directly from controllers to citizens, for which the latter have benefited from the obligation established in the GDPR to communicate breaches to the supervisory authority and, where appropriate, to the data subjects...
Read more
-
Consent receipt: A tool for transparency and proactive accountability
The consent is only one of the six lawful bases on which controllers can process personal data. However, for this to be valid, a series of requirements must be met and, in addition, controllers must be able to prove that the interested party consented to the processing of personal data.
Read more