LAST WEEK IN PRIVACY & DATA PROTECTION

The Last Week in Privacy & Data Protection is a weekly newsletter provided to you by Data Privacy Recruitment Ltd.In it we gather the most important, business relevant, and generally interesting news articles, court judgments, and professional opinions related to privacy and data protection.

57th Weekly Newsletter -> 14–20 August 2017

___________________________________________________________________

Irish DPC Publishes Guidance on DPO Qualifications

Last week the Irish Data Protection Commissioner published a short Guidance Document describing the qualities and qualifications of the Data Protection Officers. According to the GDPR Data Protection Officer needs to be designated on the basis of professional qualities and expert knowledge of data protection law and practices. The Guidance Document further describes these requirements by explaining the necessary skills and expertise. Specifically, the DPC talks about expertise in national and European data protection laws and practices including an in-depth understanding of the GDPR; understanding of the processing operations carried out; understanding of information technologies and data security; etc.

Read more HERE

___________________________________________________________________

Russian DPA Publishes Privacy Guidance Document

Russian data protection authority — Roskomnadzor issued a guidance document for data operators on the drafting of privacy policies to comply with Russian data protection law. The law requires Russian data operators to adopt a privacy policy that describes how they process personal data and they have to publish such policy online when personal data is collected online. Roskomnadzor emphasises the importance of providing a detailed data processing policy so that data subjects are aware of all potential actions to be taken with their personal data.

Read more HERE

___________________________________________________________________

UK ICO Fines North London Council

Last week the UK information Commissioner’s Office fined the Islington Council £70,000 for failing to keep up to 89,000 people’s information secure on its parking ticket system website. The Council’s system allows people to see a CCTV image or video of their alleged parking offence. But the system was found to have design faults meaning that personal data of up to 89,000 people was at risk of being accessed by others. Data included a small amount of sensitive personal information such as medical details relating to appeals. The problem occurred in 2015 when it was discovered that folders containing personal data could be accessed by manipulating the website URL and that there had been unauthorised access to 119 documents on the system 235 times from 36 unique IP addresses, affecting 71 people.

Read more HERE

Read the Monetary Penalty Notice HERE

___________________________________________________________________

Compiled by Jernej Mavrič, email: jm@dp-recruitment.com

___________________________________________________________________

Follow us on Twitter @LastWeekInPDP and visit our WEBSITE

For privacy jobs and vacancies follow @dprecruitment

)

Data Privacy Recruitment

Written by

International privacy and data protection recruitment specialists.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade