NCCoE page at https://www.nccoe.nist.gov/mobile-device-security
The DPA for Berlin, as well as the DPAs for Niedersachsen, Rheinland-Pfalz, Sachsen, Sachsen-Anhalt and Bayern (LDA) b, are starting a coordinated inspection on the contracts between several web hosters and their customers.
To encourage data controllers to conduct their own checks, the DPA is publishing the following material:
.. with research paper at
The Blockchain 2022 guide features 20 jurisdictions. The guide provides the latest legal information on decentralised finance (DeFi), updates to tax systems to consider blockchain and cryptocurrencies, non-fungible tokens (NFTs), initial coin offerings (ICOs), smart contracts, data privacy and protection, and mining and staking.
other countries (with other authors) are at https://practiceguides.chambers.com/practice-guides/digital-healthcare-2022
Marlene Sämann, Marlene; Daniel Theis, Daniel; Tobias Urban; Martin Dägeling
June 2022, Conference: Privacy Enhancing Technologies Symposium (PETS)At: SydneyVolume: 4
“… Our analysis shows that it is a combination of technical and organizational issues that are involved when a fine is imposed. ”
“Moreover, data protection authorities more often react to data subjects’ complaints when data breaches become public and when health-related data is involved..”
“.. We further show that the root causes for fined data processing lie in the early data life cycle phases (e.g., data collection). Here, organizational problems are more prevalent (601 fines) than technical issues (314 fines), while technical issues are mentioned more often in later life cycle phases (e.g., retention, access and usage). Especially mistakes in the early phases of the data collection process (e.g., lacking a legal basis) and unauthorized disclosure in later phases are fined. ..”
Frequent sources of data breaches and preventive controls (in German)
In German, explains options for follow-up actions to data subjects affected by a data breach.
“Betroffen von #Datenschutzverstößen – Was kann ich tun? Handlungsoptionen und Erfolgsaussichten”
12-Seiten-Dokument zum Thema veröffentlicht vom Netzwerk Datenschutzexpertise
includes page 125ff the audit questionnaire used by them for energy companies: