COMPLIANCEdigital
Hilfe zur Suche
Ihr Warenkorb ist leer
Sie sind Gast

Suche verfeinern

Nutzen Sie die Filter, um Ihre Suchanfrage weiter zu verfeinern.

Ihre Auswahl

… nach Dokumenten-Typ

Alle Filter entfernen

Suchergebnisse

127 Treffer, Seite 2 von 13, sortieren nach: Relevanz Datum
  • eJournal-Artikel aus "PinG Privacy in Germany" Ausgabe 1/2019

    What data protection rights do employees have in 2018

    The right to personal life, the GDPR and the balance of interests
    Prof. Dr. George Dimitrov, Prof. Dr. Daniela Ilieva, Radoslava Makshutova
    …subordination”) when referring to the relations between employer and employee and on numerous occasions underlines the specific nature of these relations. First, it… …Communications in the Workplace that personal correspondence is within the scope of personal data protection, as it generally contains such data. Consequently… …correspondence and printed it, and there is no data as of for how long and where that data was kept, how many persons had access to it and, finally, what the… …example, the misuse of the internet could be detected just by determining the sites visited and the duration of the visit, it would not be necessary to… …of the employer and the risks it bears in an event of a security breach, whether the invasive measures it takes may be restricted without additional… …privacy”. 9 It is an important segment of the assessment whether the processing falls within the legitimate interest of the employer or not, ­although the… …by the ­employer. 11 To ensure compliance with the new data protection rules and the right to information, however, it is strictly necessary to provide… …the right to privacy to the necessary minimum. 13 It could be concluded that in the context of the new data protection legislation similar cases must be… …the work place that concerns a great part of the employers is the use of CCTV (video surveillance). Where can it be used, to what extent can the… …thefts, and forth, that “the image recording was limited to the area where the cash register was located”, therefore it was a not disproportionate measure…
    Alle Treffer im Inhalt anzeigen
  • eJournal-Artikel aus "PinG Privacy in Germany" Ausgabe 4/2019

    On the accountability of the GDPR for EU-based processors

    Timon Mertens
    …the ­principle of accountability. It is already contained in the GDPR’s predecessor law, the EU Data Protection Directive of 1995, 2 or the OECD… …Principles on Privacy of 1980 3 . Less apparent, however, it is also inherent to the roles which companies can possibly occupy when they are processing… …processing in question. 5 The inevitable result is that a Pro­cessor almost ­always occupies both roles; it is a Processor in regard to its business client’s… …data but it is at least a Controller for the data of its own employees. As a Processor, a company therefore has to consider all provisions of the GDPR… …. 82 (2) second sentence as it is “specifically directed to processors”. On the accountability of the GDPR for EU-based processors Mertens PinG 04.19 187… …way: as Art. 28 GDPR phrases it “on behalf of the Controller”. 11 Therefore, the legal basis needs to be established by the Controller alone. The… …put it differently, it includes the Processor. As a Processor, the company acting on behalf of the other is consequently not considered a third party… …of accountability to Controllers in recital 74. 9 It also reveals the function in which a company, which acts as a Processor in relation to its client… …in Art. 28 are met. The compliance with Art. 28 GDPR itself is subject to a fine and it is addressed to both Controllers and Processors. 16 It is… …approached by businesses either for marketing purposes (lit. a)) or where their behavior shall be monitored, provided it takes place within the EU (lit. b))…
    Alle Treffer im Inhalt anzeigen
  • eJournal-Artikel aus "PinG Privacy in Germany" Ausgabe 3/2019

    The independence requirement for national data protection supervisory authorities.

    Some thoughts from the Romanian perspective.
    Andreea Lisievici
    …Prelucrării Datelor cu Caracter Personal – in short, ANSPDCP. Since 2013 it had been led by Mrs. Ancut¸a Opre, as president. When she was appointed for this… …required under the law“. The Senate has voted on the proposal on the same day it received the report, and granted Mrs. Opre another five year term of office… …incredible swiftness given how it usually takes months for any follow up to a complaint. ANSPDCP’s request for answers also mentioned the risk of high fines… …personal data processing for journalistic purposes may be performed, provided that it refers to personal data that were expressly made public by the data… …criminal behaviour of members of that party. IV. What now? Of course, this all might be a coincidence. It might also be the clear sign of a lack of… …Romanian NGOs fighting to promote the right to data protection and private life 12 . It is pretty clear that it is only the Commission that can take action…
    Alle Treffer im Inhalt anzeigen
  • eJournal-Artikel aus "PinG Privacy in Germany" Ausgabe 1/2019

    The Usual Others

    Third-Party Data in Contracts
    Thomas Britz, Dr. Moritz Indenhuck
    …Thomas Britz, LL. M. (­Berkeley), is an associate at lindenpartners in ­Berlin. He is specialized on data protection law, IT law and litigation, with a… …intellectual property, data protection and legal matters related to IT. He has a focus on advising banks and financial ­service providers. Thomas Britz, LL. M… …between private individuals. Thus, it seems hardly surprising that the General Data Protection Regulation (GDPR) generally permits such processing… …operations, as indicated in Recital 44: “Processing should be lawful where it is necessary in the context of a contract or the intention to enter into a… …for such third-party data in contracts are bank transfers, insurance contracts or the client-attorney relationship. 3 In these situations, it is… …of a natural person who is not a contracting party (data subject). We refer to this contract as the primary contract, as it is in the limelight of the… …appropriate lawful basis (Art. 6(1) GDPR). 6 1. Contract At first sight, it seems obvious that such processing could be based on Art. 6(1)(b) GDPR (processing… …. 6(1)(b) GDPR since it is necessary for the performance of the third-party contract between the payer and the other bank. bb) Multilateral third-party… …personal data of the natural persons who are the company’s shareholders, this processing might be justified by arguing that it is necessary for fulfilling… …is organized as a non-commercial association under German law (Verein, cf. Sec. 21 German Civil Code (BGB)), it is, however, questionable whether its…
    Alle Treffer im Inhalt anzeigen
  • eJournal-Artikel aus "PinG Privacy in Germany" Ausgabe 2/2019

    Data Protection Law in Russia

    Ekaterina Smirnova
    …. However, it is important to understand that data is only treated as being personal if such data, by itself or in the aggregate, may directly or indirectly… …identify a particular individual. It should be noted that the law separately identifies special categories of personal data which include “the data… …personal data is an indication to the key contents of such data: a) it describes the biological or physiological features of an individual and b) it ­being… …possible to establish the identity of a personal data subject on its basis. Thus, only that data will be recognized as biometric personal data which makes it… …, that an X-ray photograph will not, by itself, constitute biometric personal data if it is not used to identify a person. 2. Personal Data Processing The… …Personal Data Law establishes a number of restrictions and requirements in respect of personal data processing. First and foremost, it is necessary to… …to that contract; b) the need to protect the life, health, or any other vital interests of a personal data subject if it is impossible to obtain the… …access to personal data is provided to the public at large by the subject him/herself or at his/her request, etc. The reason why it is consent that is the… …requirements for the form of the subject’s consent to personal data processing. As has been noted above, depending on the personal data category, it is important… …data. Essentially, the term Big Data describes large volumes of structured and non-structured data and tools for its processing. It can be said that the…
    Alle Treffer im Inhalt anzeigen
  • eJournal-Artikel aus "Zeitschrift Interne Revision" Ausgabe 6/2019

    Robotic Process Automation als Prüfobjekt

    Chancen und Herausforderungen
    Prof. Dr. Marc Eulerich, Roxana Meschke, Jan Grüne
    IT- Umwelt, • weil die Ergebnisse des Bots signifikanter Teil von Prozessschritten sein können und damit einen zu prüfenden Teil der IT-Landschaft… …, Automation Anywhere und UIPath bleibt RPA kein reines IT- Thema mehr. Um Tätigkeiten oder Prozesse zu automatisieren, sind keine Programmierkenntnisse… …IT – unter anderem Entwicklung und Changemanagement – und dem Prozess-/Kontrollverantwortlichen geben. Anders als bei bisherigen Entwicklungen und… …unkontrollierten Einsatz von RPA führen kann. Die Verwaltung der eigentlichen RPA-Applikationen hingegen obliegt weiterhin der IT. So werden User Access Management… …einzelnen Bots unerlässlich. Die Trennung zwischen der Verwaltung der Applikation – klassische IT – und der Verwaltung des Bots – IT gemeinsam mit dem… …. Im Vordergrund steht also die Einbettung der RPA Entwicklung, Implementierung und Überwachung in das IT Operating Model und den General IT Controls… …und Wirksamkeitsbeurteilung der zugrunde liegenden General IT Controls voraus. 7 Neben User Access Management und Change Management kommt dem Incident… …deckungsgleich zum Testing im Umfeld klassischer ERP-Systeme, zum Beispiel bei der Wirksamkeitsbeurteilung von IT Application Controls (ITAC). Die Phasen der… …Prüfung lassen sich wie folgt gliedern: 1. Risk Assessment im Rahmen der Prüfungsvorbereitung, 2. Beurteilung des IT Operating Model, 3. Identifikation und… …Beurteilung der GITC, 4. Testing einzelner Bots. 4.1 Risk Assessment im Rahmen der Prüfungsvorbereitung Beim Testen von RPA, ähnlich der Prüfung von IT
    Alle Treffer im Inhalt anzeigen
  • eJournal-Artikel aus "PinG Privacy in Germany" Ausgabe 3/2019

    Data Breach Notifications in the UK

    How will
    Ronke Euler-Ajayi, Malcolm Dowden
    …directly affected by Brexit. The United Kingdom has been directly subject to the General Data Protection Regulation (EU 2016/679) (GDPR) since it came into… …for Brexit, secondary legislation has further modified DPA 2018 to create “UK GDPR”. This combines the wording of GDPR, amended to make it work as a… …way that eliminates or minimises national differences. Post-Brexit, it is possible that UK data protection law might diverge from GDPR, whether in… …breach; and (ii) it will help to determine whether notification to the ICO is required and whether the affected individuals should be informed. When… …incident affecting UK controllers or processors, it may also be necessary to report to the National Cyber Security Centre (NCSC): https://www.ncsc… …personal data breach were to affect processing in the EU/EEA and also in the UK, it is likely that separate reporting obligations would apply. That would…
    Alle Treffer im Inhalt anzeigen
  • eJournal-Artikel aus "Risk, Fraud & Compliance" Ausgabe 4/2019

    Literatur

    …vor allem durch zahlreiche IT- und Rechtsaspekte erweitert. So werden Deutsche Gesetze und internationale Regelungen miteinander verglichen, wie… …dem Bundesamt für Sicherheit in der Informationstechnik (BSI) veröffentlichten Wirtschaftsgrundschutz. Mit dem „Plan“ des Qualitätsmanagementzyklus…

  • Aktuelle Compliance-Aspekte bei Gesch

    …verbessern. Behandelt werden u.a.: Strukturen, IT und Internes Kontrollsystem Reiserichtlinien Beschaffung von Reiseleistungen Reiseabwicklungsphasen… …Reisesicherheit und Krisenmanagement Unabhängig von Größe, betrieblichem Reisevolumen oder eingesetzter IT, ob im öffentlichen oder privaten Sektor: Der modulare…

  • Reiserichtlinien oft lückenhaft

    …Wirksamkeit von Travel-Management-Systemen zu beurteilen und zu verbessern. Behandelt werden u.a.: Strukturen, IT und Internes Kontrollsystem… …oder eingesetzter IT, ob im öffentlichen oder privaten Sektor: Der modulare Aufbau des Leitfadens unterstützt Sie bei der Erstellung passgenauer…
◄ zurück 1 2 3 4 5 weiter ►

Die Nutzung für das Text und Data Mining ist ausschließlich dem Erich Schmidt Verlag GmbH & Co. KG vorbehalten. Der Verlag untersagt eine Vervielfältigung gemäß §44b UrhG ausdrücklich.
The use for text and data mining is reserved exclusively for Erich Schmidt Verlag GmbH & Co. KG. The publisher expressly prohibits reproduction in accordance with Section 44b of the Copy Right Act.

© 2026 Erich Schmidt Verlag GmbH & Co. KG, Genthiner Straße 30 G, 10785 Berlin
Telefon: +49 30 25 00 85-0, Telefax: +49 30 25 00 85-305 E- Mail: ESV@ESVmedien.de
Erich Schmidt Verlag        Zeitschrift für Corporate Governance        Consultingbay        Zeitschrift Interne Revision        Risk, Fraud & Compliance