Search results for term Stanko Cerin

Is Modern Shopping Experience Evolving into Dangerous Global Cyber-Attack?

Think twice before accepting third-party cookies – and then, click the refuse button.

The bank that got the first GDPR fine in Croatia has been consciously violating human rights for almost a year and got more than 30 notices from the data protection authority before it was actually fined

On March 13th, 2020, the Croatian data protection authority (AZOP) published information about issuing the first GDPR fine in Croatia. According to fuzzy local law, it is not really clear how transparent AZOP has to be with regard to issuing fines, although local regulation does require non-anonymised fines to be published on the AZOP web site if they are bigger than 100.000 HRK (about 13.150 EUR).

Fighting Virus Is About Processing Big Data – Special Categories

Fighting a global pandemic is impossible without collecting and processing special categories of personal data. The core of this fight is collecting and processing data about patients’ locations, movement, health conditions and personal habits (i.e. hygiene, food etc.) as well as contact with other people and type of interaction. All this information and much more is carefully analysed so that patterns can be identified and conclusions made and used to protect the human race.

Big school of GDPR Lesson 10: Legal Aspects - How to Avoid Penalty?

The violation of the right to privacy, irresponsible behavior towards personal data and its misuse to generate profits, even at the cost of causing damage to individuals, have become the business practice of many. Technologically advanced companies such as those in the telecom and banking sector, and innovative startups that today offer public services to millions, and even billions, of users, have brought the processing of personal data to perfection.

BIG SCHOOL OF GDPR – LESSON 9: Integrating privacy in process and IT systems design - Privacy by design

Effective integration of privacy into all business processes is only possible by raising awareness of the importance of personal information, the benefits their processing brings to an individual and society, as well as the negative impact that unethical use of personal data may have.

Big school of GDPR - lesson 8: DPIA (Data Protection Impact Assessment)

DPIA is the heart of GDPR. At its core, GDPR wants to return control of personal information to its owners through a change in how we think about it, and responsible behavior towards personal data at the social level can only be achieved by educating generations that are conscious of the risks of irresponsible or malicious use of personal data.

Big school of GDPR lesson 7: GDPR Internal audit

You've launched a whole range of activities to align with GDPR requirements. You have appointed the DPO and established a structure of authority and responsibility for managing personal information. You have analyzed the readiness of the organization and the IT system to fulfill the rights of the owner of personal data.

Big school of GDPR lesson 6: Harmonization of IT systems and IT systems management

At first glance, GDPR does not seem to have a major impact on IT systems. In fact, there are only a few functional requirements directly related to IT systems.

Big school of GDPR lesson 5: Harmonizing organizational structure and business processes, reporting

This is the time when you need to appoint a person responsible for the protection of personal information in the organization. Do not confuse this function with that of the Personal Data Protection Officer whom your company has already appointed under the old Act. The new function has almost no similarities with the old one.

Big school of GDPR lesson 4 – Designing project plan

What do we have to do, how, who and until when? How much does it cost? These are some of the questions we answer in our fourth lesson of GDPR in the Big School of GDPR by ICTbusiness.info and Ostendo Consulting.

Big school of GDPR Lesson 3: Assessment of current state - Determining project priorities

Several people from the company have gone through basic education so far or at least have read carefully the previous lessons of the Big School of GDPR by ICT Business Portal and Ostendo Consulting. You have realized that coping with GDPR can represent a serious business risk.

Big school of GDPR - Lesson 2: Establishment of an effective project team

The consequences of breaching GDPR provisions have a major catastrophic impact on the company's business, which makes GDPR a problem for administration. Keep this in mind when creating your GDPR team.

Big school of GDPR by ICTbusiness portal – Lesson 1: Impact on Society and Business

The new rules on the protection of personal data, whose application begins in May next year, bring about major changes in society. Control of personal information is given back to its owners. The rights of EU citizens in the field of personal data protection are increasing, along with the obligations of all those who use this information.

Big school of GDPR by ICTbusiness portal and Ostendo Consulting

In order to make the knowledge required to comply with the GDPR requirements as available as possible, ICT business portal, in co-operation with Ostendo Consulting, starts the Big School of GDPR.

Is Facebook, fined 110 million EUR, the first victim of GDPR fines?

The European Commission fined Facebook 110 million EUR for providing misleading information about the WhatsApp merger. Even though it is grounded in the EU merger regulation, this fine is a clear message to all those who consider GDPR just another privacy regulation nobody will comply with, as the real essence of the violation is in fact a privacy rights violation.

EU GDPR: A bogeyman for scaring top management?

The upcoming EU data protection regulation aims to finally put an end to the massive misuse of personal data. What it brings is putting people in control of their personal data. This is an exercise of one of the fundamental human rights – the right to privacy. A great and noble goal.

How to rob banks and get away with it?

For more than a decade I have been asking myself why people need a gun, sunglasses and hoodies to rob a bank. As an operational risk management expert, while assessing business process and IT operations security I keep finding the same vulnerabilities. This time, I decided to exploit one and get some cash from the bank as evidence.