AI (Artificial Intelligence) is becoming a big part of how businesses operate. But with this technology comes new rules that companies must follow. The EU AI Act, effective since August 1st 2024, is one of these important new rules. If your company uses or develops AI, it’s important to know what this means for you. […]
pb-health-medical
Voice Data as a Health Indicator
In the era of digital health and artificial intelligence, we are witnessing an unprecedented ability to collect and analyze personal data for health insights. One emerging area of interest is the use of voice data as a health indicator. While this technology holds promise for early detection and monitoring of various health conditions, it also […]
Swiss-U.S. Data Transfers: New Framework solves Privacy Hassles, finally!
Starting September 15, 2024, transferring personal data from Switzerland to the United States will become significantly easier, thanks to a new framework approved by the Swiss Federal Council. This marks a significant shift, allowing these data transfers to rely on an adequacy decision rather than the more complex Standard Contractual Clauses (SCCs). Until this decision, […]
Can Legitimate Interest Be Used to Train an AI Model? noyb Disagrees
In August 2024, the European Center for Digital Rights (noyb), co-founded by privacy advocate Max Schrems, filed a series of complaints against X (formerly Twitter), the social media platform owned by Elon Musk. The nine complaints, lodged in nine different countries, focus on X’s use of personal data to train its Artificial Intelligence (AI) technologies. […]
GDPR Breach due to Health Data Leak results in 80,000 euro fine for Private Clinic
A private clinic specializing in assisted reproductive technology (ART), experienced a significant data breach due to a cyberattack. The breach compromised the personal data of approximately 400 individuals, including patients and employees. The affected data included identity, contact information, financial details, and sensitive health and genetic information. Even though the breach was detected on 21 […]
Resolution from the DSK regarding the secondary use of genetic data
Before we delve into the position paper of the Conference of Independent Federal and State Data Protection Supervisory Authorities (DSK), it is important to discuss the exceptional nature of genetic data. Genetic data, defined in Art. 4 (13) GDPR and in Recital 34 GDPR, was included within the special categories of data by the GDPR, […]
PIAs and DPIAs: A Two-Step Process to GDPR Compliance
If you work in a company in the European Union or the UK you have probably heard your fair share about data protection. From HR to Sales, personal data infiltrates almost every aspect of a company. One of the biggest tasks under the General Data Protection Regulation (GDPR) is collecting all the information required and […]
Why Canada is facing more Cyberattacks than ever
Ignorance is bliss, they say, but this is definitely not true when it comes to data protection and data security. Our daily lives revolve more and more around the online world (home office with video conferences, online banking, social media and the list goes on). This, most certainly, comes with a lot of amenities. However, […]
How to protect data from web scraping? Guidelines from The Italian DPA
The Italian Data Protection Authority (Garante per la protezione dei dati personali, or short Garante) has released in May 2024 guidelines aimed to protect personal data published online by public and private entities (in a role of data controller) from web scraping performed by third parties. While the purposes to perform data scraping or web […]