Privacy Seals: A way forward for building trust. The EuroPriSe project. 1
|
|
- Gerald Davis
- 6 years ago
- Views:
Transcription
1 Privacy Seals: A way forward for building trust. The EuroPriSe project October 2007 Florence Emilio Aced Félez Agencia de Protección de Datos de la Comunidad de Madrid emilio.aced@madrid.org
2 Where are we? 2 Data protection is A successful European Story UE affords highest protection in the world But there is a need for Fostering compliance and trust Ways to make explicit best practices Tools for consumers and companies to identify trusted parties Constant innovation
3 Way forward 3 Positive incentives Privacy Enhancing Technologies Privacy Management (PRIME) Privacy Seals Voluntary scheme Regulated Self-Regulation Public recognition of privacy best practices Easily identifiable by all parties
4 Gütesiegel Based on successful experience of the Gütesiegel (Schleswig-Holstein) 4 ICPP Privacy Seal Privacy Seal: product audit Scope: privacy and data protection regulations including regulations on IT security Voluntary, but regulated by state law Product evaluation by legal and technical experts admitted by ICPP Criteria based on legal regulations
5 Gutesiegel IT Product or Service Admitted Expert checks Product or Service 5 Granting of Privacy Seal Accredited Certification Body checks ER
6 European Privacy Seal 6 Supported by the EU
7 Scope The European Privacy Seal certifies that an IT product or IT based service facilitates the use of that product or service in a way 7 compliant with European regulations on privacy and data protection, taking into account the legislation in the pilot countries.
8 Consortium 8 ICPP (Schleswig-Holstein - Coordinator) CNIL (French Data Protection Authority) APDCM (Madrid Data Protection Authority) VaF (Slovakia) TÜViT (Germany) Borking Consultancy (The Netherlands) Ernst & Young (Sweden) OEAWT/ITN (Austria) Londonmet (United Kingdom)
9 Main Actors 9 Standard and Certification bodies Board for Accreditation and Conformity Assessment Public Authorities Ministries Agencies Accredited certification bodies Center for work on standards Potential Experts Legal Technical Associations Manufacturers and Vendors Service or product provider Associations Consumers Authorities and Associations Others European Organizations EU entities Other cross-european organizations
10 EuroPriSe IT Product or Service Admitted Expert checks Product or Service 10 Granting of Privacy Seal Accredited Certification Body checks ER
11 EuroPriSe Criteria Set 1 Overview on Fundamental Issues Fundamental Aspects of Processing 1.2 Fundamental Technical Construction Set 2 Legitimacy of Data Processing 2.1 Legal Basis for the processing 2.2 Special Requirements relating to the various phases of the processing 2.3 Compliance with general data protection principles and duties 2.4 Special types of processing operations
12 EuroPriSe Criteria 12 Set 3 technical-organisatorial measures Passwords, firewalls, encryption, pseudonymisation, logs, anti-virus protection, support for the DPO, special duties in special contexts, etc.) Set 4 data subject rights Right to be informed; right of access; right of correction or erasure/blocking; right to object)
13 Experts Admittance 13 Expert admittance procedure Proof of qualification: legal and/or technical Submit work specimens Proof reliability and independence Training Publication of expert admittance and area of qualification in public register list Accreditation of certification bodies Official national institutions & private organisations Acceptance of certification scheme & royalties Training
14 EuroPriSe Board 14
15 EuroPriSe Board 15
16 EuroPriSe 16 A certificate, based on a transparent and revisable procedure Supervised by independent authorities or trustees Uniform criteria based on the European Privacy Directives Valid throughout the European Member States A positive incentive to develop and deploy privacy compliant and privacy enhancing products and services on the market (regulated self-regulation)
17 Conclusions 17 Contributes to effective application of, and compliance with European privacy and data protection legislation. Increases understanding of European privacy and data protection legislation. Increases awareness around privacy and data protection. Increases user, consumer and citizen trust in products and services. Is good practice for privacy and data protection in products and services.
18 Conclusions 18 Increases market transparency. Provides strong competitive advantage for manufacturers and vendors. Reduces the increase in workload of supervising authorities. Fosters market acceptance of privacy protection. Promotes European cross-border sales. Creates new market opportunities.
19
CC withinthe Context of the EU Privacy Seal - EuroPriSe
CC withinthe Context of the EU Privacy Seal - EuroPriSe TÜV Informationstechnik GmbH -TÜViT - Overview 1. Motivation 2. Data Privacy 3. European Privacy Seal EuroPriSe 4. CC and EuroPriSe 5. Conclusion
More informationThe PRISE Framework. Walter Peissl Maren Raguse. Independent Centre for Privacy Protection
The PRISE Framework Walter Peissl Maren Raguse Agenda The PRISE Framework Structure The PRISE-matrix The PRISE-handbook The PRISE-check-list forms Existing approaches / standards Product related Process
More informationThe emerging EU certification framework: A role for ENISA Dr. Andreas Mitrakas Head of Unit EU Certification Framework Conference Brussels 01/03/18
The emerging EU certification framework: A role for ENISA Dr. Andreas Mitrakas Head of Unit EU Certification Framework Conference Brussels 01/03/18 European Union Agency for Network and Information Security
More informationResilience, Deterrence and Defence: Building strong cybersecurity for the EU
Resilience, Deterrence and Defence: Building strong cybersecurity for the EU 1 Building strong cybersecurity for the EU: Resilience, Deterrence and Defence From reactive to pro-active and cross-policy
More informationHow the European Commission is supporting innovation in mobile health technologies Nordic Mobile Healthcare Technology Congress 2015
How the European Commission is supporting innovation in mobile health technologies Nordic Mobile Healthcare Technology Congress 2015 Claudia Prettner, Unit for Health and Well-Being, DG CONNECT Table of
More informationNew cybersecurity landscape in the EU Sławek Górniak 9. CA-Day, Berlin, 28th November 2017
in the EU Sławek Górniak 9. CA-Day, Berlin, 28th November 2017 European Union Agency for Network and Information Security Positioning ENISA activities CAPACITY Hands on activities POLICY Support MS & COM
More informationSECURITY CERTIFICATION
ÉDITION 2018 SECURITY CERTIFICATION OF PRODUCTS BY THE FRENCH NATIONAL CYBERSECURITY AGENCY (ANSSI) PAR L AGENCE NATIONALE DE LA SÉCURITÉ DES SYSTÈMES D INFORMATION Security Visas provide a competitive
More informationPROJECT BACKGROUND AND RATIONALE
PROJECT BACKGROUND AND RATIONALE The political agreement on the EU General Data Protection Regulation (GDPR) has been reached and the new Regulation will be on the books by the end of the first quarter
More informationPrivacy Code of Conduct on mhealth apps the role of soft-law in enhancing trust ehealth Week 2016
Privacy Code of Conduct on mhealth apps the role of soft-law in enhancing trust ehealth Week 2016 Pēteris Zilgalvis, J.D., Head of Unit for Health and Well-Being, DG CONNECT Table of Contents 1. Context
More informationICT Legal Consulting on GDPR: the possible value of certification in data protection compliance and accountability
ICT Legal Consulting on GDPR: the possible value of certification in data protection compliance and accountability Prof. Dr. Paolo Balboni Founding Partner Professor of Privacy, Cybersecurity, and IT Contract
More informationeidas Regulation (EU) 910/2014 eidas implementation State of Play
eidas Regulation (EU) 910/2014 eidas implementation State of Play CA-Day 19 September 2016 Elena Alampi DG CONNECT, European Commission elena.alampi@ec.europa.eu eidas The Regulation in a nutshell 2 MAIN
More informationStandardization, Protection Goals & Certification
Standardization, Protection Goals & Certification The Public Voice Conference 2010 Kirsten Bock Jerusalem, 25. October 2010 Starting Point We have to cope with three structural problems in data protection
More informationENISA activities in ICT security certification Dr. Prokopios Drogkaris NIS Expert NLO Meeting Athens
ENISA activities in ICT security certification Dr. Prokopios Drogkaris NIS Expert NLO Meeting Athens 30.01.2018 European Union Agency for Network and Information Security What are these symbols anyway?
More informationITU Asia-Pacific Centres of Excellence Training on Conformity and Interoperability. Session 2: Conformity Assessment Principles
ITU Asia-Pacific Centres of Excellence Training on Conformity and Interoperability Session 2: Conformity Assessment Principles 12-16 October 2015 Beijing, China Keith Mainwaring ITU Expert Agenda 1. Context
More informationCEN and CENELEC Position Paper on the draft regulation ''Cybersecurity Act''
CEN Identification number in the EC register: 63623305522-13 CENELEC Identification number in the EC register: 58258552517-56 CEN and CENELEC Position Paper on the draft regulation ''Cybersecurity Act''
More informationData Management and Security in the GDPR Era
Data Management and Security in the GDPR Era Franck Hourdin; Vice President, EMEA Security Russ Lowenthal; Director, Database Security Product Management Mike Turner; Chief Operating Officer, Capgemini
More informationDo you handle EU residents personal data? The GDPR update is coming May 25, Are you ready?
European Union (EU) General Data Protection Regulation (GDPR) Do you handle EU residents personal data? The GDPR update is coming May 25, 2018. Are you ready? What do you need to do? Governance and Accountability
More informationPosition Title: IT Security Specialist
Position Title: IT Security Specialist SASRIA SOC LIMITED Sasria, a state-owned company, is the only short-term insurer in South Africa that provides affordable voluntary cover against special risks such
More informationEU GDPR and . The complete text of the EU GDPR can be found at What is GDPR?
EU GDPR and Email The EU General Data Protection Regulation (GDPR) is the new legal framework governing the use of the personal data of European Union (EU) citizens across all EU markets. It replaces existing
More informationSándor Szőke, Dr. Microsec Ltd. Migration of national PKI Services to eidas conformant Trust Services case study in Hungary
Sándor Szőke, Dr. Microsec Ltd. Migration of national PKI Services to eidas conformant Trust Services case study in Hungary Introduction Private Hungarian IT company since 1984 Custom specific IT system
More informationMutual Recognition Agreements WCAE Florence, November 2014
Mutual Recognition Agreements WCAE Florence, November 2014 Prof Dr Gert H. Karreman DePaul University, Leiden University g.karreman@inter.nl.net International Mobility of Accountants and Auditors Increasing
More informationPackage of initiatives on Cybersecurity
Package of initiatives on Cybersecurity Presentation to Members of the IMCO Committee Claire Bury Deputy Director-General, DG CONNECT Brussels, 12 October 2017 Building EU Resilience to cyber attacks Creating
More informationBuilding an Assurance Foundation for 21 st Century Information Systems and Networks
Building an Assurance Foundation for 21 st Century Information Systems and Networks The Role of IT Security Standards, Metrics, and Assessment Programs Dr. Ron Ross National Information Assurance Partnership
More informationChanging times in Swiss Data Privacy: new opportunities? Microsoft Security Day 27 April 2017 Clara-Ann Gordon
Changing times in Swiss Data Privacy: new opportunities? Clara-Ann Gordon Which countries have Data Protection Laws? Source: https://www.taylorwessing.com/globaldatahub/risk_map.html Page 2 Different Data
More informationGDPR: A QUICK OVERVIEW
GDPR: A QUICK OVERVIEW 2018 Get ready now. 29 June 2017 Presenters Charles Barley Director, Risk Advisory Services Charles Barley, Jr. is responsible for the delivery of governance, risk and compliance
More informationCommittee on the Internal Market and Consumer Protection
European Parliament 2014-2019 AMDMTS: 12 Regulation on ISA, the "EU Cybersecurity Agency", and repealing Regulation (EU) s created with Go to http://www.at4am.ep.parl.union.eu \000000.doc United in diversity
More informationEUROPEAN ACCREDITATION LEGAL FRAMEWORK
EUROPEAN ACCREDITATION LEGAL FRAMEWORK ECIBC Plenary 2016 Ed Wieles 24 November 2016 CONTENTS European model on Accreditation Requirements for Accreditation bodies Harmonised standards for accreditation
More informationTURKISH ACCREDITATION AGENCY. Training, Promotion and Information Directorate
TURKISH ACCREDITATION AGENCY Training, Promotion and Information Directorate About us... Main field of activity of the Training, Promotion and Information Directorate (TPID) is organizing the training
More informationARTICLE 29 DATA PROTECTION WORKING PARTY
ARTICLE 29 DATA PROTECTION WORKING PARTY 18/EN WP261 Article 29 Working Party Draft Guidelines on the accreditation of certification bodies under Regulation (EU) 2016/679 Adopted on 6 february 2018 1 THE
More informationIntroduction. When it comes to GDPR compliance, is OK for now enough? Minds made for protecting financial services
When it comes to GDPR compliance, is OK for now enough? EY CertifyPoint s GDPR certification process will help you achieve and demonstrate compliance. Minds made for protecting financial services Introduction
More informationRecommendations on European Data Protection Certification VERSION 1.0 NOVEMBER European Union Agency For Network and Information Security
Recommendations on European Data Protection Certification VERSION 1.0 NOVEMBER 2017 www.enisa.europa.eu European Union Agency For Network and Information Security About ENISA The European Union Agency
More informationengineering card More Mobility for Engineers in Europe VDI The Association of German Engineers
engineering card More Mobility for Engineers in Europe VDI The Association of German Engineers Why an engineering card? Mobility is important for Engineers, because of the : demand for flexible deployment
More informationConformity assessment
Training Course on Conformity and Interoperability, Tunis-Tunisia, from 22 to 26 May 2017 Conformity assessment Presented by: Karim Loukil & Kaïs Siala Page 1 Today s Objectives Present basic information
More informationLearn how to explain the purpose and business benefits of an ISMS, of ISMS standards, of management system audit and of third-party certification
LAST UPDATED 03-01-2018 ISMS (ISO/IEC 27001:2013) AUDITOR / LEAD AUDITOR TRAINING COURSE (A17533) COURSE DURATION: 5 DAYS LEARNING OBJECTIVES Learn how to explain the purpose and business benefits of an
More informationUKAS Guidance for Bodies Offering Certification of Anti-Bribery Management Systems
CIS 14 Edition 1 September 2018 UKAS Guidance for Bodies Offering Certification of Anti-Bribery Management Systems CIS 14 Edition 1 Page 1 of 10 Contents 1. Introduction 3 2. UKAS Assessment Approach 3
More informationNetworking Session - A trusted cloud ecosystem How to help SMEs innovate in the Cloud
Networking Session - A trusted cloud ecosystem How to help SMEs innovate in the Cloud ICT2015, 21 October 2015 Lisbon, Portugal Dr. Paolo Balboni, Partner at ICT Legal Consulting & Scientific Director
More informationAdtech and GDPR What to consider when choosing your partner
Adtech and GDPR What to consider when choosing your partner 1 Agenda What to avoid and What to do Where is Adform on GDPR Posibilities for advertisers 2 This is about GDPR, not the unknown eprivacy update
More informationGoogle Cloud & the General Data Protection Regulation (GDPR)
Google Cloud & the General Data Protection Regulation (GDPR) INTRODUCTION General Data Protection Regulation (GDPR) On 25 May 2018, the most significant piece of European data protection legislation to
More informationCybersecurity. Quality. security LED-Modul. basis. Comments by the electrical industry on the EU Cybersecurity Act. manufacturer s declaration
Statement Comments by the electrical industry on the EU Cybersecurity Act manufacturer s declaration industrial security Cybersecurity Quality basis security LED-Modul Statement P January 2018 German Electrical
More informationWorkshop on Addressing the Barriers to IPv6 Deployment Spanish use case
Workshop on Addressing the Barriers to IPv6 Deployment Spanish use case Cristina Ramos cristinapilar.ramos@correo.gob.es Agenda Agenda IPv6 addressing plan Barriers Conclusions 1 Background Digital Agenda
More informationESRIF & Working Group Innovation WG 9. Alois J. Sieber Chairman ESRIF WG # 9
ESRIF & Working Group Innovation WG 9 Alois J. Sieber Chairman ESRIF WG # 9 Content of this presentation Background ESRIF Security a definition WG INNOVATION Structure Findings (examples) Challenges Evolution
More informationGUIDELINES FOR THE MANAGEMENT OF ORGANIC PRODUCE CERTIFICATES BY APPROVED CERTIFYING ORGANISATIONS
GUIDELINES FOR THE MANAGEMENT OF ORGANIC PRODUCE CERTIFICATES BY APPROVED CERTIFYING ORGANISATIONS Issued by the Department of Agriculture - Export Organic Program - May 2014 Purpose 1. This guideline
More informationBORKING CONSULTANCY. Ixquick Short Public Report. Surfboard Holding B.V. Date: 11 March 2013 Version: 3.0
BORKING CONSULTANCY Ixquick Short Public Report Document: Customer: CS-X-130311-002 Surfboard Holding B.V. Author: Certified Secure Date: 11 March 13 Version: 3.0 Address: Loire 128-A 2491 AJ The Hague
More informationComparison of Electronic Signature between Europe and Japan: Possibiltiy of Mutual Recognition
Comparison of Electronic Signature between Europe and Japan: Possibiltiy of Mutual Recognition 1 Soshi Hamaguchi, 1 Toshiyuki Kinoshita, 2 Satoru Tezuka 1 Tokyo University of Technology, Tokyo, Japan,
More informationVdTÜV Statement on the Communication from the EU Commission A Digital Single Market Strategy for Europe
Author Date VdTÜV-WG Cybersecurity October, 3 rd 2015 VdTÜV Statement on the Communication from the EU Commission A Digital Single Market Strategy for Europe VdTÜV e.v. welcomes the Communication on a
More informationShort Public Report. 2. Manufacturer or vendor of the IT product / Provider of the IT-based service:
Short Public Report 1. Name and version of the IT product or IT-based service: DIGITTRADE High Security HDD HS256S 2. Manufacturer or vendor of the IT product / Provider of the IT-based service: Company
More informationWhere is the EU in cloud security certification?: Main findings
WE CAN DO SO MUCH TOGETHER Where is the EU in cloud security certification?: Main findings Certification schemes for cloud computing SMART 2016 / 0029 Leire Orue-Echevarria TECNALIA December 11 th, 2017
More informationPAA PKI Mutual Recognition Framework. Copyright PAA, All Rights Reserved 1
PAA PKI Mutual Recognition Framework Copyright PAA, 2009. All Rights Reserved 1 Agenda Overview of the Framework Components of the Framework How It Works Other Considerations Questions and Answers Copyright
More informationVERSION 1.3 MAY 1, 2018 SNOWFLY PRIVACY POLICY SNOWFLY PERFORMANCE INC. P.O. BOX 95254, SOUTH JORDAN, UT
VERSION 1.3 MAY 1, 2018 SNOWFLY PRIVACY POLICY SNOWFLY PERFORMANCE INC. P.O. BOX 95254, SOUTH JORDAN, UT 84095-9998 SNOWFLY PRIVACY POLICY This Privacy Policy describes Snowfly s practices regarding the
More informationProject Isaacus - Leading Public and Private Actors beyond Big Data. Jaana Sinipuro, Project Director
Project Isaacus - Leading Public and Private Actors beyond Big Data Jaana Sinipuro, Project Director A gift to Finland The Finnish Parliament established Sitra as a gift to celebrate the 50th anniversary
More informationGuidelines 4/2018 on the accreditation of certification bodies under Article 43 of the General Data Protection Regulation (2016/679)
Guidelines 4/2018 on the accreditation of certification bodies under Article 43 of the General Data Protection Regulation (2016/679) Adopted on 4 December 2018 Adopted 1 Contents 1 Introduction... 3 2
More informationETSY.COM - PRIVACY POLICY
At Etsy, we value our community. You trust us with your information, and we re serious about that responsibility. We believe in transparency, and we re committed to being upfront about our privacy practices,
More informationEU General Data Protection Regulation (GDPR) Achieving compliance
EU General Data Protection Regulation (GDPR) Achieving compliance GDPR enhancing data protection and privacy The new EU General Data Protection Regulation (GDPR) will apply across all EU member states,
More information21 CFR PART 11 FREQUENTLY ASKED QUESTIONS (FAQS)
21 CFR PART 11 FREQUENTLY ASKED QUESTIONS (S) The United States Food and Drug Administration (FDA) defines the criteria under which electronic records and electronic signatures are considered trustworthy,
More informationMaster degree program Technical legislation, standardization and quality management
The experience of the Technical University of Sofia in education about standardization Master degree program Technical legislation, standardization and quality management Opened in 2007 at the Faculty
More informationSecurity Aspects of Trust Services Providers
Security Aspects of Trust Services Providers Please replace background with image European Union Agency for Network and Information Security 24 th September 2013 www.enisa.europa.eu Today s agenda 09:30-10:00
More informationACCREDITATION: A BRIEFING FOR GOVERNMENTS AND REGULATORS
ACCREDITATION: A BRIEFING FOR GOVERNMENTS AND REGULATORS Accreditation is continuously gaining recognition as an important technical tool in the delivery of objectives across an increasing range of policy
More informationThe GDPR Are you ready?
The GDPR Are you ready? kpmg.ie The GDPR - Overview The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) will come into force from 25th May 2018, replacing the existing data protection
More informationCertificate. Certificate number: Certified by EY CertifyPoint since: July 10, 2018
Certificate Certificate number: 2018-016 Certified by EY CertifyPoint since: July 10, 2018 Based on certification examination in conformity with defined requirements in ISO/IEC 17065:2012 and ETSI EN 319
More informationShort Public Report. on the IT-based service. BKMS System
Short Public Report on the IT-based service BKMS System 1. Name and version of the IT-based service: IT-based service: BKMS System (Business Keeper Monitoring System). Version: 2.7.3 Functional status:
More informationThe Role of SANAS in Support of South African Regulatory Objectives. Mr. Mpho Phaloane South African National Accreditation System
The Role of SANAS in Support of South African Regulatory Objectives Mr. Mpho Phaloane South African National Accreditation System Outline of Presentation INTRODUCTION STATUS OF SANAS TECHNICAL INFRASTRUCTURE
More informationData Protection in the AWS Cloud: Implementing GDPR and Overview of C5
Data Protection in the AWS Cloud: Implementing GDPR and Overview of C5 Gerald Boyne, Christian Hesse Security Assurance Germany 25.11.2017 2017, Amazon Web Services, Inc. or its Affiliates. All rights
More informationGlobal Specification Protocol for Organisations Certifying to an ISO Standard related to Market, Opinion and Social Research.
CONTENTS i. INTRODUCTION 3 ii. OVERVIEW SPECIFICATION PROTOCOL DOCUMENT DEVELOPMENT PROCESS 4 1. SCOPE 5 2. DEFINITIONS 5 3. REFERENCES 6 4. MANAGEMENT STANDARDS FOR APPROVED CERTIFICATION BODIES 6 4.1
More information2. The Information we collect and how we use it: Individuals and Organisations: We collect and process personal data from individuals and organisation
WOSDEC: Privacy Policy West of Scotland Development Education Centre WOSDEC - (We) are committed to protecting and respecting your privacy. This policy sets out how the personal information we collect
More informationManaging Privacy Risk & Compliance in Financial Services. Brett Hamilton Advisory Solutions Consultant ServiceNow
Managing Privacy Risk & Compliance in Financial Services Brett Hamilton Advisory Solutions Consultant ServiceNow 1 Speaker Introduction INSERT PHOTO Name: Brett Hamilton Title: Advisory Solutions Consultant
More informationWhat is cloud computing? The enterprise is liable as data controller. Various forms of cloud computing. Data controller
A guide to CLOUD COMPUTING 2014 Cloud computing Businesses that make use of cloud computing are legally liable, and must ensure that personal data is processed in accordance with the relevant legislation
More informationeidas Regulation eid and assurance levels Outcome of eias study
eidas Regulation eid and assurance levels Outcome of eias study Dr. Marijke De Soete Security4Biz (Belgium) ETSI eidas Workshop 24 June 2015 Sophia Antipolis eidas Regulation Regulation on electronic identification
More informationCybersecurity & Digital Privacy in the Energy sector
ENERGY INFO DAYS Brussels, 25 October 2017 Cybersecurity & Digital Privacy in the Energy sector CNECT.H1 Cybersecurity & Digital Privacy, DG CNECT ENER.B3 - Retail markets; coal & oil, DG ENER European
More informationMapping of the CVD models in Europe
Mapping of the CVD models in Europe TASK FORCE ON SW VULNERABILITY DISCLOSURE IN EUROPE Brussels, 29/11/2017 Gianluca Varisco Disclaimer This preliminary mapping has been put together by: reaching out
More informationInspection and Certification for Individual Farms, Smallholder Group Certification S S R A N A S R S C I E N T I S T
Inspection and Certification for Individual Farms, Smallholder Group Certification S S R A N A S R S C I E N T I S T What is Certification? Organic certification system is a quality assurance initiative,
More informationLAW OF THE REPUBLIC OF KAZAKSTAN «ON CERTIFICATION»
April 27\ 99 Draft LAW OF THE REPUBLIC OF KAZAKSTAN «ON CERTIFICATION» This Law shall establish legal basis of certification of products, quality systems and production, (further processes), works and
More informationFAQ about the General Data Protection Regulation (GDPR)
FAQ about the General Data Protection Regulation (GDPR) 1. When does the GDPR come into force? The GDPR was promulgated 25 May 2016 and comes into effect 25 May 2018. 2. Is there a transition period? We
More informationDemonstrating data privacy for GDPR and beyond
Demonstrating data privacy for GDPR and beyond EY data privacy assurance services Introduction The General Data Protection Regulation (GDPR) is ushering in a new era of data privacy in Europe. Organizations
More informationENISA S WORK ON ICS AND SMART GRID SECURITY
AMSTERDAM, OCTOBER 15, 2012 ENISA S WORK ON ICS AND SMART GRID SECURITY Dr. Evangelos OUZOUNIS Head of CIIP & Resilience Unit ENISA 1 Why is it important? Industrial networks is the CI for the SCADA and
More informationEDPB Certification Guidelines
EDPB Certification Guidelines Public Consultation: Comments submitted by SCOPE Europe bvba/sprl Published and Submitted: 10. July 2018 1 About SCOPE Europe sprl SCOPE Europe is a subsidiary of Selbstregulierung
More informationRevised November EFESC Handbook
Revised November 2015 EFESC Handbook 1 Table of Contents EFESC Handbook... 1 Table of Contents... 2 Handbook EFESC... 4 1 Background and objectives... 4 1.1 Sectoral developments... 4 1.1 Objectives...
More informationTURKISH STANDARDS INSTITUTION
TURKISH STANDARDS INSTITUTION NEW GLOBAL OLD APPROACH REGULATIONS CONFORMITY ASSESSMENT PROCEDURES AND PRINCIPLES Board Decision : 29.04.2014 Date 50.-236 Validity date : 05.05.2014 CHAPTER ONE Objective,
More information1. Publishable Summary
1. Publishable Summary 1.1Project objectives and context Identity management (IdM) has emerged as a promising technology to distribute identity information across security domains. In e-business scenarios,
More informationSecure Messaging Mobile App Privacy Policy. Privacy Policy Highlights
Secure Messaging Mobile App Privacy Policy Privacy Policy Highlights For ease of review, Everbridge provides these Privacy Policy highlights, which cover certain aspects of our Privacy Policy. Please review
More informationTHE NEW EU DATA PROTECTION REGULATION: WHAT IS IT AND WHAT DO WE NEED TO DO? KALLIOPI SPYRIDAKI CHIEF PRIVACY STRATEGIST, EUROPE
THE NEW EU DATA PROTECTION REGULATION: WHAT IS IT AND WHAT DO WE NEED TO DO? KALLIOPI SPYRIDAKI CHIEF PRIVACY STRATEGIST, EUROPE EU DATA PROTECTION REGULATION Kalliopi Spyridaki Chief Privacy Strategist,
More informationRobert Bond. Respecting Privacy, Securing Data and Enabling Trust a view from Europe
Respecting Privacy, Securing Data and Enabling Trust a view from Europe Robert Bond, Partner & Notary Public Robert Bond Robert Bond has nearly 40 years' experience in advising national and international
More informationH2020-LEIT-ICT WP European Data Infrastructure ICT-13 Supporting the emergence of data markets and the data economy
H2020-LEIT-ICT WP2018-2020 European Data Infrastructure ICT-13 Supporting the emergence of data markets and the data economy Kimmo Rossi DG CNECT.G1 Data Policy and Innovation Unit Problem statement Sharing
More informationThe WINS Academy Security Certification Programme: The Route to Demonstrable Competence. Dr Roger Howsley, Executive Director
The WINS Academy Security Certification Programme: The Route to Demonstrable Competence. Dr Roger Howsley, Executive Director IAEA, 14 th May 2014 Key Messages The Nuclear Sector is a long way behind other
More informationEuropean Union Agency for Network and Information Security
Critical Information Infrastructure Protection in the EU Evangelos Ouzounis Head of Secure Infrastructure and Services Regional Cybersecurity Forum Sofia, Bulgaria 29 th November 2016 European Union Agency
More informationExam Questions IIA-CGAP
Exam Questions IIA-CGAP Certified Government Auditing Professional https://www.2passeasy.com/dumps/iia-cgap/ 1. Help define the role and responsibilities of auditors to internal and external entities.
More informationACCREDITATION COMMISSION FOR CONFORMITY ASSESSMENT BODIES
ACCREDITATION COMMISSION FOR CONFORMITY ASSESSMENT BODIES ACCREDITATION SCHEME MANUAL Document Title: Document Number: Various Accreditation Schemes ACCAB-ASM-7.0 CONTROLLED COPY Revision Number Revision
More informationASEAN e-authentication Workshop Balwinder Sahota
ASEAN e-authentication Workshop Balwinder Sahota Agenda ASEAN Single Window (ASW) What is ATIGA Form D The information flow of ATIGA Form D and related documents Security Requirements Challenges in Implementation
More informationEGNOS and ESSP Certification. ESESA Aviation Workshop 26 th - 27 th October 2010
EGNOS and ESSP Certification ESESA Aviation Workshop 26 th - 27 th October 2010 Content 1. Certification needs and framework 2. SES Certification regulations 3. Certification activities 4. Current Status
More informationETSI STF 412 AUDIT GUIDELINES FOR EVC (24 TH JAN 2012)
ETSI STF 412 AUDIT GUIDELINES FOR EVC (24 TH JAN 2012) Guidance on TS 102 042 for Issuing Extended Validation Certificates Presented by Arno Fiedler ETSI 2011. All rights reserved STF 412/438 TEAM 2 ETSI
More informationThe German IT Security Certification Scheme. Joachim Weber
The German IT Security Certification Scheme Joachim Weber The German IT Security Certification Scheme 1. The role of the BSI 2. The German IT Certificate Scheme 3. Certification procedures in detail 4.
More informationSAT for eid [EIRA extension]
SAT for eid [EIRA extension] eid Solution Architecture Template (SAT) v1.0.0 ISA² Action 2.1 - European Interoperability Architecture Page 1 of 1 Change control Modification Details Version 1.0.0 Migration
More informationEU policy and the way forward for smart meters and smart grids
Transmission & Distribution SMART GRIDS Europe 2012 Amsterdam 9-11 October 2012 EU policy and the way forward for smart meters and smart grids Manuel Sánchez, PhD Smart Grid Team Leader European Commission,
More informationFSC STANDARD. Standard for Multi-site Certification of Chain of Custody Operations. FSC-STD (Version 1-0) EN
FOREST STEWARDSHIP COUNCIL INTERNATIONAL CENTER FSC STANDARD Standard for Multi-site Certification of Chain of Custody Operations FSC-STD-40-003 (Version 1-0) EN 2007 Forest Stewardship Council A.C. All
More informationIntroduction of the Identity Assurance Framework. Defining the framework and its goals
Introduction of the Identity Assurance Framework Defining the framework and its goals 1 IAEG Charter Formed in August of 07 to develop a global standard framework and necessary support programs for validating
More informationThe MovingLife Project
The MovingLife Project MObile ehealth for the VINdication of Global LIFEstyle change and disease management solutions Stakeholders Conference The MovingLife Roadmaps Brussels 18 April 2013 Alessio Gugliotta
More informationImpacts of the GDPR in Afnic - Registrar relations: FAQ
Impacts of the GDPR in Afnic - Registrar relations: FAQ Background The adoption of Regulation (Eu) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural
More informationEU funded research is keeping up trust in digital society
EU funded research is keeping up trust in digital society Rafael Tesoro Trust and Security Unit DG Communica5ons Networks, Content and Technology European Commission Cybersecurity Strategy of the EU: An
More informationSafe and Secure. Online Backup with NetApp- Certified Quality
Safe and Secure Online Backup with NetApp- Certified Quality Backup like you ve never seen before Experience the new dimension of enterprise backup an online, onestop solution. Fully tested against over
More informationR e a c t i o n s t o t h e e - I n v o i c i n g r e p o r t o f t h e EU- E x p e r t g r o u p
Seite 1 von 6 Re: R e a c t i o n s t o t h e e - I n v o i c i n g r e p o r t o f t h e EU- E x p e r t g r o u p General assessment 1. Do you agree with the report s assessment, conclusions and recommendations?
More informationAWS Webinar. Navigating GDPR Compliance on AWS. Christian Hesse Amazon Web Services
AWS Webinar Navigating GDPR Compliance on AWS Christian Hesse Amazon Web Services What is the GDPR? What is the GDPR? The "GDPR" is the General Data Protection Regulation, a significant new EU Data Protection
More information