Nicht aus der Schweiz? Besuchen Sie lehmanns.de
Blue Paper on Data Protection - A Data Breach Accountability Framework - Guido Reinke

Blue Paper on Data Protection - A Data Breach Accountability Framework

How to reduce the risk of GDPR sanctions (Professional Publication)

(Autor)

Buch | Softcover
180 Seiten
2020
Gold Rush Publishing (Verlag)
978-1-908585-14-1 (ISBN)
CHF 17,40 inkl. MwSt
  • Titel nicht im Sortiment
  • Artikel merken
Blue Papers are a new notion in concept papers. This one provides the legal position of the General Data Protection Regulation (GDPR) on data security and data breaches. In particular, it presents a legally defensible compliance position for organisations in the form of a practical Accountability Framework for handling actual data breaches. It is best guidance for professionals, politicians, scholars, and all who wish to glean more insight into how to develop a robust data protection framework. What readers will find in this Blue Paper will empower them to assess their real situation and will aid them in conceptualising practical solutions.

Guido Reinke is a Data Protection Officer with a business assurance, legal and regulatory compliance background. He has advised firms on how to design and implement global privacy frameworks. After working for the European Commission, he took employment with regulated industries and at Big Four professional services firms. He holds a LL.M. from Queen Mary University Law School and a PhD in Politics and International Relations from the University of London, and has lectured on Regulatory Governance at the London School of Economics. He is author of a book on data transfer between the EU and third countries, and of several other publications on regulatory compliance.

FOREWORD
ACKNOWLEDGEMENTS
TABLE OF CONTENTS
LIST OF ACRONYMS
LIST OF FIGURES
EXECUTIVE SUMMARY
PART I: OVERVIEW OF THE BLUE PAPER; THE LEGAL POSITION ON DATA SECURITY AND BREACHES
1. INTRODUCTION
1.1 Key objectives, assumptions and value for data controllers
1.2 Scope of this Blue Paper
1.3 Structure of this Blue Paper
1.4 Methodology applied and resources used
2. THE LEGAL POSITION OF THE GDPR ON DATA SECURITY AND DATA BREACHES
2.1 Why data breaches occupy a unique position
2.2 The integrity and confidentiality principle (Article 5(1)(f))
2.3 The legal definition of security of processing (Article 32) and DPIAs (Article 35)
2.4 Safeguarding the rights of data subjects through PbD&D (Article 25)
2.5 The relevance of data breach notifications (Articles 33 and 34)
2.6 Cooperation and prior consultation with the DPSA (Articles 31 and 36)
2.7 The concept of “demonstrating” compliance with the Regulation
2.8 Demonstrating risk prevention and damage mitigation
3.9 Conclusions of the legal review
PART II: INSIGHTS FROM REGULATORS AND DATA PROTECTION PRACTITIONERS
3. THE EMPIRICAL DATA: ANALYSIS OF DATA BREACHES
3.1 Sanctions by national DPSAs
3.2 Sanctions for data breaches vs. other GDPR provisions that carry liability
3.3 The consistency of enforcement across the EEA
3.4 GDPR sanctions by DPSAs (Sanctions Directory)
3.5 Case studies: Lessons to be learned for after the data breach
3.5.1 Case One: DoorsLetep Dispensaree Ltd.
3.5.2 Case Two: Cathay Pacific Airways Ltd.
3.5.3 Case Three: WM Morrison Supermarkets plc
3.5.4 Case Four: British Airways
3.5.5 Case Five: Marriott International
4. HOW CAN ORGANISATIONS PROTECT THEMSELVES FROM DATA BREACH SANCTIONS?
4.1 Insights obtained by survey respondents who are professionals in the data protection field
4.1.1 Governance and policy
4.1.2 Processes and procedures
4.1.3 Technology
4.1.4 DPSA response to data breaches
4.2 Insights obtained from authors’ participant observation of privacy events
4.2.1 Governance and policy
4.2.2 Processes and procedures
4.2.3 Technology
4.3 Implement appropriate technical and organisational security measures
4.4 Demonstrate compliance: Independent assurance and approved certifications
4.5 Synthesis for practitioners
PART III: A NEW COMPLIANCE MODEL: THE DATA BREACH ACCOUNTABILITY FRAMEWORK
5. CONCLUSIONS: HOW ORGANISATIONS CAN IMPROVE THEIR COMPLIANCE MATURITY
5.1 DPR enforcement by national DPSAs and oversight at European level
5.2 Building a legally defensible compliance position: The Data Breach Accountability
BIBLIOGRAPHY
TOOLKITS – Resources for Professionals
Toolkit 1: Tables analysing the results of the data breach survey
Toolkit 2: Survey questionnaire
Toolkit 3: Tables and diagrams analysing the results of the GDPR enforcement and sanctions review
Toolkit 4: GDPR Sanctions Directory
Toolkit 5: Inventory of European Data Protection bodies
Toolkit 6: Inventory of EEA national Data Protection Supervisory Authorities (DPSAs)

Erscheinungsdatum
Reihe/Serie Blue Paper
Zusatzinfo 20
Verlagsort London
Sprache englisch
Maße 254 x 177 mm
Themenwelt Recht / Steuern EU / Internationales Recht
Recht / Steuern Privatrecht / Bürgerliches Recht IT-Recht
ISBN-10 1-908585-14-5 / 1908585145
ISBN-13 978-1-908585-14-1 / 9781908585141
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich
Telekommunikations- und Multimediarecht
Buch | Softcover (2024)
dtv Verlagsgesellschaft
CHF 38,95

von Thomas Hoeren; Stefan Pinelli

Buch | Hardcover (2024)
De Gruyter (Verlag)
CHF 125,90
Datenschutz-Grundverordnung Bundesdatenschutzgesetz

von Michael Atzert; Kristin Benedikt; Antonia Buchmann …

Buch | Hardcover (2024)
C.F. Müller (Verlag)
CHF 279,95