Evolveum - GDPR: late is better than never

GDPR: Late is better than never

Time is running out. There are just few months left to the implementation of the European Commission’s General Data Protection Regulation (GDPR) on 25th May 2018. The main question is: are companies truly prepared? Well, maybe you will be surprised what recent studies have to say about that.

Evolveum: IT security threats in 2018

IT security threats in 2018: are you ready for them?

2017 was a really great year. For hackers. Many of us heard about WannaCry and NotPetya that took down over 300,000 computers across the world, including the UK’s National Health Service or government agencies in Ukraine. CCleaner, a utility program millions of Windows users rely on to clear potentially unwanted files off their PCs, got[…]

Evolveum - GDPR, lawful basis

Lawful basis Part I.

On the way to the practical side of the GDPR we need to recognize reasons for processing the personal data, officially known as lawful basis. It has been long time since the data processing had been uncontrolled. You have needed lawful basis since the directive had come into effect, but under the GDPR there is[…]

Evolveum - Data Privacy Day 2018

How to stay safe online: tips and advice

We live in a fast evolving world. We surround ourselves with the technology to make our life easier every day. While in the past it would cause a great amusement, today we don’t even blink an eye when seeing someone hanging on their device, being online at any place, any time. The Internet became a[…]

GDPR Lawful Basis Management

GDPR Lawful Basis Management

The first thing that most likely comes to the mind when people hear about GDPR is “consent”. That is understandable, as better part of the buzz around GDPR is about customer identities and digital marketing. But this emphasis on consumer identities is casting shadow on other aspects of GDPR that are at least as much[…]

GDPR - consent, part 2

GDPR – Consent part II.

Consent under the GDPR looks like really complex and complicated issue. Let’s see what we can already clearly explain. To achieve all stated requirements, you need to structure the consent granularly and give data subjects some options. Consent must be “specific”. Blanket consent without stating the exact purpose is not valid, but the GDPR does[…]

GDPR - Subject matter and scope

GDPR – Subject matter and scope

Now when we are familiar with GDPR principles and Rights of data subjects it is time to move on and uncover the content and territorial reach of GDPR. We will explain what data, systems and persons are protected by GDPR and who is bound to do so. GDPR applies to all contexts across all sectors.[…]

GDPR – Rights and principles

GDPR – Rights and principles III.

This article is the last continuation of the GDPR principles series. In the previous articles you could read about the purpose limitation principle and data minimisation or accurancy and data retention periods. Now let’s learn about data security and Accountability. Data security Controllers are responsible for ensuring that personal data are kept secure, against both external and internal threats. This[…]