News – Page 37 – Privacy Design®

November 30, 2020January 8, 2021

Privacy Icons launched by privacyicons.ch

https://privacy-icons.ch/

Pictograms

November 30, 2020November 30, 2020

Germany: Referentenentwurf DVMPG

Draft for new German law to modernize health care
(Digitale Versorgung und Pflege – Modernisierungs-Gesetz – DVPMG)

This includes important changes to DIGAV!
(See “Artikel 8”, page 44ff)

From 1.Jan 2023 DIGA (digital health applications) would need to be able to export data into a the electronic patient file (elektronische Patientenakte)
Also new requirements on certified information security management (from no later than 1 Jan 2022) and a BSI certificate on data security (from 1 Jan 2023). This also applies to digital health applications which are already registered.
Also new requirements on integrating with the electronic patient card for authentication (elektronische Gesundheitskarte) – unless the DIGA is purely web-based. (31 Dec 2020)
Also the vendor needs to ensure that the provided health information is kept up-to-date.

https://www.bundesgesundheitsministerium.de/fileadmin/Dateien/3_Downloads/Gesetze_und_Verordnungen/GuV/D/Referentenentwurf_DVPMG.pdf

November 20, 2020November 20, 2020

German initiative for third country assessments

https://essentialguarantees.com

(private initiative? no authorities involved?)
#SchremsII

November 17, 2020November 17, 2020

DPA: Germany/Bavaria: BayLDA Schrems II slides, IAPP 17-Nov-2020

https://pages.iapp.org/rs/138-EZM-042/images/IAPP%20M%C3%BCnchen%2017%2011%202020.pdf

November 12, 2020July 22, 2021

EDPB and SchremsII

Final version at https://edpb.europa.eu/system/files/2021-06/edpb_recommendations_202001vo.2.0_supplementarymeasurestransferstools_en.pdf
—
https://edpb.europa.eu/sites/edpb/files/consultation/edpb_recommendations_202001_supplementarymeasurestransferstools_en.pdf
https://edpb.europa.eu/sites/edpb/files/files/file1/edpb_recommendations_202002_europeanessentialguaranteessurveillance_en.pdf

https://iapp.org/news/a/a-break-down-of-edpbs-recommendations-for-data-transfers-post-schrems-ii/

https://edpb.europa.eu/sites/edpb/files/files/file1/edpb_plenaryminutes_38_20200914_public.pdf

November 12, 2020November 16, 2020

EU Commission publishes new Standard Contractual Clauses draft

https://ec.europa.eu/info/law/better-regulation/have-your-say/initiatives/12741-Commission-Implementing-Decision-on-standard-contractual-clauses-for-the-transfer-of-personal-data-to-third-countries
– Open for Feedback until December 10th

IAPP article
https://iapp.org/news/a/new-eu-standard-contractual-clauses-a-modernized-approach/

November 12, 2020November 12, 2020

Germany: GDPR fine catalog successfully challenged in court (LG Bonn)

The court reduced the original fine by the BfDI against 1&1 (a telco) by 90% – from 9.55 mio EUR to 900.000 EUR.

An article on the case (in German) is below:
https://www.unternehmensstrafrecht.de/lg-bonn-erteilt-bussgeldkonzept-der-datenschutzbehoerden-deutliche-absage/

November 11, 2020November 12, 2020

Spanish DPA: AEPD resource page in English

https://www.aepd.es/en/areas/innovation-and-technology

November 11, 2020November 11, 2020

AEPD: Privacy risks when logging in other applications with social media accounts

https://www.aepd.es/en/prensa-y-comunicacion/blog/privacy-risks-logging-in-applications-with-social-media-accounts

November 11, 2020

Germany: Case on processing special categories of data without intent to use them..

Mit Urteil vom 24.09.2020 (Az. 1 K 584/19.MZ) hat das VG Mainz zum Datenschutz bei Videoüberwachung entschieden.
Keine Verarbeitung von Daten nach Art. 9 DSGVO, wenn keine Auswertungsabsicht.

http://www.landesrecht.rlp.de/jportal/portal/t/ax0/page/bsrlpprod.psml?pid=Dokumentanzeige&showdoccase=1&js_peid=Trefferliste&documentnumber=1&numberofresults=1&fromdoctodoc=yes&doc.id=MWRE200004115&doc.part=L&doc.price=0.0&doc.hl=1#focuspoint