General Data Protection Regulation (GDPR)

Feb 10, 20221 min read

The General Data Protection Regulation, short GDPR, is the EU's data privacy and security law. The GDPR is based on the "seven core principles":

Purpose limitation,
Fairness, lawfulness, and transparency,
Data minimization,
Storage limitation,
Accuracy,
Confidentiality and integrity, and
Accountability.

There are also some ideas that give the GDPR some teeth.

Every data subject has rights, such as information and access, but also rectification and erasure of their data. And they may lodge a complaint with a supervisory authority.
Data processors need to implement technical and organizational measures to protect data, they need records of their data processing activities, and in certain cases they must appoint a data protection officers. Data breaches must be reported to the supervisory authorities.
Data cannot simply be transferred to other jurisdictions with a lower standard of data protections.
There are penalties and fines for noncompliance with the GDPR. And those can be hefty: up to €10 million or up to 4% of the annual world-wide turnover in case of a business.

Security lock on a circuit board standing for the GDPR-compliance of a IAM solution.

Is your Identity & Access Management (IAM) GDPR-Compliant?

Mar 21, 20245 min read

Inhouse DIY Identity and Access Management, part or complete outsourcing? What are the challenges and pitfalls?

Necessity of an identity and access management system embodied by two hands holding identities in form of circles with anonymous personas inside.

Identity and Access Management (IAM) - Why It Matters and What You Need to …

Mar 8, 20245 min read

IAM systems deserve much more attention – they may work under the hood, but they are the very key to all data and functionality of an online service.

Technical data protection is secured by group of programmers and software developers sitting in front of their screens evaluating code.

Good data protection makes for good business

Feb 28, 20244 min read

Good data protection makes for a reliable IT setup and protects personal data as well as algorithms and trade secrets.

Not only the location of the shown server rack in the data center is relevant for good data protection but also where the firm and its offices are located.

Company headquarters and server location - both must be right for data …

Feb 24, 20245 min read

Storing data in the EU is not a silver bullet for all data protection requirements. Compliance also depends on who owns the server.

An electrified padlock made with electronic components symbolizes security in cloud computing and helping to respect EU data protection regulations

EU Data Protection Update Q4-2023

Feb 9, 202417 min read

We take a look at the most important data protection topics in the fourth quarter of 2023 in the EU

Three colored safes with a key lying in front of them symbolizing alternatives for Keycloak

Do you need a Keycloak Alternative for Providing Hassle-free Authentication …

Dec 6, 20237 min read

Evaluation of open-source Keycloak software and potential fully integrated and managed Keycloak alternative.

Data cloud in orange teal to symbolize data protection and cybersecurity.

EU Data Protection Update Q3-2023

Nov 7, 202318 min read

Quarterly news update (Q3/2023) highlighting the major developments in the field of data privacy legislation, enforcement, administrative initiatives, cybersecurity with a special focus on Software as a Services and cloud services …

Adequacy Decision for EU-US Data Transfers – Legal Opinion

Trans-Atlantic Data Privacy Framework (TADPF): Fragile Wanting, and Not …

Jul 14, 20234 min read

Trans-Atlantic Data Privacy Framework (TADPF): Fragile, Wanting, and Not GDPR compliant?

EU GDPR Bits and Bytes in Data Stream

Engity's EU Data Protection Update Q1/2023

Apr 27, 202316 min read

We discuss the major updates in data protection and privacy in the 1st quarter of 2023.

Data Cloud over World

EU Data Protection Update Q4 / 2022

Jan 20, 202314 min read

We discuss the major updates in data protection and privacy in the 4th quarter of 2022.

A virtual login screen above a keyboard stands for a proper technical implementation of an identity and access management system.

The technical implementation of your IT landscape has to be GDPR-compliant

Nov 7, 20225 min read

Many Data Protection Officers do not know enough about the technical implementation of data protection measures. Often this results in non-compliant structures - despite best intentions.

European map colored in blue with the 12 yellow European stars on top with a centered paragraph symbol standing for a European Data Protection

EU Data Protection Update Q3-2022

Oct 11, 20229 min read

Engity highlights the developments in policy, legislation and enforcement in data protection in Q3-2022.

1
2