incl. google analytics, cookies, ..
https://www.delegedata.de/2019/12/thueringer-fragenbogen-zur-pruefung-von-webseiten-verschiedene-handlungsoptionen-fuer-unternehmen/
CNIL: Summary on privacy in telemedicine and healthcare
Germany: LfDIBW publishes English template for joint controller data processing agreements
UK: ICO releases its first draft regulatory guidance into the use of AI
German DPA (Rheinland-Pfalz) issues 105.000 EUR fine on hospital
.. due to privacy issues related to patient management.
The fine is based on several breaches of the General Data Protection Regulation in the framework of a patient mix-up when admitting the patient. This resulted in incorrect invoicing and revealed structural technical and organisational deficits in the hospital’s patient and privacy management.
Spain: AEPD imposes sanction on cookie (IKEA)
The Spanish Data Protection Authority announced it imposed a sanction on an organization for installing cookies on a device without obtaining prior consent of the user.
https://www.aepd.es/resoluciones/PS-00127-2019_ORI.pdf
Russia: Localization obligation (fines)
The Russian president signed a law introducing financial penalties for violations of the localization obligation in Russian privacy law.
ENISA proposes Best Practices and Techniques for Pseudonymisation
The European Union Agency for Cybersecurity (ENISA) published a new report on “Pseudonymisation Techniques and Best Practices”, which explores the basic notions of pseudonymisation, as well as technical solutions that can support implementation in practice.
https://www.enisa.europa.eu/news/enisa-news/enisa-proposes-best-practices-and-techniques-for-pseudonymisation
Report:
https://www.enisa.europa.eu/publications/pseudonymisation-techniques-and-best-practices
German Data Protection Authorities propose to create GDPR-obligations for producers of software and hardware (incl. liability)
Copying the below directly from the homepage of the Data Protection Authorities of Baden-Württemberg at https://www.baden-wuerttemberg.datenschutz.de/german-data-protection-authorities-propose-to-create-gdpr-obligations-for-producers-of-software-and-hardware-incl-liability/ :
“German Data Protection Authorities #DSK suggest to strengthen the principle „Privacy by Design“ by including a new category of legally obliged parties, the „producers“. They should be hit directly with #GDPR -obligations and also face claims for damages.
https://www.linkedin.com/pulse/german-data-protection-authorities-propose-create-producers-piltz
”