SPF SANTE PUBLIQUE, SECURITE DE LA CHAINE ALIMENTAIRE ET ENVIRONNEMENT. EPD in the cloud
|
|
- Jeremy Adams
- 8 years ago
- Views:
Transcription
1 1 EPD in the cloud Jean-Marc Van Gyseghem Head of the «Liberties and Information Society» - Crids, University of Namur Member of the Bar of Brussels, Rawlings Giles lawfirm
2 2 Table of content What s Privacy? Health related data Behind the cloud Cloud and privacy Causes to effects Memorandum.
3 3 What s Privacy? «Il faut se réserver une arrière-boutique toute nôtre, toute franche, en laquelle nous établissons notre vraie liberté et principale retraite et solitude» MONTAIGNE «The right to be let alone» WARREN & BRANDEIS (1890) «La solitude à plusieurs» : The freedom to manage relationships with people without any exposure to any illegal interference. F. RIGAUX (1984)
4 4 What s Privacy? Privacy is one dimension of the human dignity; Privacy is a protection given to the personal sphere of each individual, including the right to establish details of their identity as individual human beings (ECHR, Christine Goodwin v. The United Kingdom, , par. 90) Privacy is a fundamental right
5 5 What s Privacy? Data protection = a tradition on the go: Universal declaration of Human Rights (UN) Privacy guidelines (OECD) European Convention on Human Rights (CoE) in 1950 Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (CETS108; CoE) in 1981 The Charter of Fundamental Rights of the EU in 2000 Privacy/data protection is anchored in Universal principles
6 6 Table of content What s Privacy? Health related data Behind the cloud Cloud and privacy Causes to effects Memorandum.
7 7 Health related data? Health related data = sensitive data; Health related data = extra protection Medical files = in the hospital under the responsability of the medical head (médecin-chef). Art. 25 lois coordonnées sur le hôpitaux de 2008.
8 8 Table of content What s Privacy? Health related data Behind the cloud Cloud and privacy Causes to effects Memorandum.
9 9 Behind the Cloud User Cloud provider User User server server?????
10 10 Behind the cloud Technical aspects Simple data base HTML «dressing» Access policy Legal aspects Administrator draws up the general access management unilateral changes If modifications occur the content accessible might change Secrecy breach.
11 11 Behind the Cloud Security User Cloud provider User User server server?????
12 12 Behind the cloud Technical aspects Recoverability Durability Availability Interconnection with data bases - Crossing of information Necessity of Internet connection Legal aspects Who is the access manager? User? Administrator? Who assures the access? User? Administrator? Who has the control on the data? User? Administrator? Who has the control on the data? User? Administrator? What about the continuity of the service in case of Internet shut down? What about the medical secrecy?
13 Data processor Data processor Cloud computing provider Hospital Data controller Data processor Data processor Cloud computing system Hospital Data controller Personal data flow
14 14 Table of content What s Privacy? Health related data Behind the cloud Cloud and privacy Causes to effects Memorandum.
15 Cloud and Privacy 15 What about the data subject? Principle of transparency and, beyond, which rights for the data subject? Obligation to inform about the recourse to a CCS: do we need a specific information towards the data subject (e.g patients)? Right to access: how to ensure the access when the data are at the CLCS data bases? Case of CLCS bankruptcy? Right of deletion: how can we be sure about the deletion of the data in case of contract s cancellation?
16 16 Cloud and Privacy What about the security/confidentiality? Security of transmission to the CCP and security within the CCP System Cloud computing system Secured connection Data processor Data processor Cloud computing provider Hospital Data processor Hospital
17 17 Cloud and Privacy Appropriate security measures to be supported by the data controller/hospital: obligation for Data controller to use a data processor of good quality (use of label system, need for ISO standards); Contract between the data controller and the data processor; Obligation to have specific clauses in case of termination of activities (problem of transfer and of bankruptcy)?
18 18 Cloud and Privacy Appropriate security measures by the Cloud privider: Information accountability principle (tell what you are doing and ensure that you will do it) Standardization as regards audit, nomination of a security obligation, data segregation, Obligations in case of security breach
19 19 Cloud and Privacy What about liability? Each actor has its own liability: Cloud computing provider: Security; Confidentiality; Etc. Hospital: Under the responsibility of the medical head Security of its own network; Access precaution; Etc.
20 20 Cloud and Privacy Data processor of the Cloud computing provider: Security; Confidentiality; Etc. Internet provider
21 21 Cloud and Privacy What about the probationary strength? Art. 36/1 of the Act of August 21st 2008 on the E-health platform: What about the security? What about the sustainability? What about the data protection itself (Europe, out of Europe, etc)
22 22 Table of content What s Privacy? Health related data Behind the cloud Cloud and privacy Causes to effects Memorandum.
23 23 Causes to effects Cause Breach to the access management Effect Lost of the patient confidence
24 24 Causes to effects Cause Breach to the access management Law enforcement (Patriot Act, etc) Effect Lost of the patient confidence Secrecy breach
25 25 Causes to effects Cause Breach to the access management Law enforcement (Patriot Act, etc) Decision tree Effect Lost of the patient confidence Secrecy breach Choice about the documents to be put in the cloud
26 26 Causes to effects Cause Breach to the access management Law enforcement (Patriot Act, etc) Function tree Back-up by the Cloud provider Effect Lost of the patient confidence Secrecy breach Choice about the documents to be put in the cloud Recoverability of the data (fire, water, etc)
27 27 Causes to effects Cause Breach to the access management Law enforcement (Patriot Act, etc) Function tree Back-up by the Cloud provider Negotiation Effect Lost of the patient confidence Secrecy breach Choice about the documents to be put in the cloud Recoverability of the data (fire, water, virus, etc) Negotiation together with other hospitals to get more strength.
28 28 Causes to effects Cause Breach to the access management Law enforcement (Patriot Act, etc) Function tree Back-up by the Cloud provider Negotiation Use of private cloud computing Effect Lost of the patient confidence Secrecy breach Choice about the documents to be put in the cloud Recoverability of the data (fire, water, etc) Negotiation together with other hospitals to get more strength. Maintaining control on the data.
29 29 Table of content What s Privacy? Health related data Behind the cloud Cloud and privacy Causes to effects Memorandum.
30 Memorandum 30 Long and short terms risks analysis: Adequate security measures (ISO/CEI 27002, for example): Physical security: Access to the data; Access to the server; Technical security: Access management; Network; Communication; Contract with the data processor.
31 31 Memorandum Security breach: Notification to the Privacy Commission within 48 hours (avis 01/2013); Information campaign to the public within 14 to Au public endéans les 24 à 48 heures (avis 01/2013).
32 32 Thanks for your attention
Cloud computing and personal data protection. Gwendal LE GRAND Director of technology and innovation CNIL
Cloud computing and personal data protection Gwendal LE GRAND Director of technology and innovation CNIL 1 Data protection in Europe Directive 95/46/EC Loi 78-17 du 6 janvier 1978 amended in 2004 (France)
More informationCCBE RESPONSE REGARDING THE EUROPEAN COMMISSION PUBLIC CONSULTATION ON CLOUD COMPUTING
CCBE RESPONSE REGARDING THE EUROPEAN COMMISSION PUBLIC CONSULTATION ON CLOUD COMPUTING CCBE response regarding the European Commission Public Consultation on Cloud Computing The Council of Bars and Law
More informationSummary of responses to the public consultation on Cloud computing run by CNIL from October to December 2011 and analysis by CNIL
Summary of responses to the public consultation on Cloud computing run by CNIL from October to December 2011 and analysis by CNIL 1. Definition of Cloud Computing In the public consultation, CNIL defined
More informationRecommendations for companies planning to use Cloud computing services
Recommendations for companies planning to use Cloud computing services From a legal standpoint, CNIL finds that Cloud computing raises a number of difficulties with regard to compliance with the legislation
More informationAN INSIDE VIEW FROM THE EU EXPERT GROUP ON CLOUD COMPUTING
AN INSIDE VIEW FROM THE EU EXPERT GROUP ON CLOUD COMPUTING 1. Overview and Background On 27 September 2012, the European Commission adopted a strategy for "Unleashing the potential of cloud computing in
More informationLegal Aspects of Cloud Computing. Dr. Susann Wolfgram & Ulrike Weinbrenner Dr. Alexander Duisberg (Bird&Bird)
Legal Aspects of Cloud Computing Dr. Susann Wolfgram & Ulrike Weinbrenner Dr. Alexander Duisberg (Bird&Bird) Agenda Cloud Computing Overview Role Play on Hot Topics SAAS versus on-premise software licensing
More informationUNIVERSITY OF MAINE SYSTEM STANDARDS FOR SAFEGUARDING INFORMATION ATTACHMENT C
UNIVERSITY OF MAINE SYSTEM STANDARDS FOR SAFEGUARDING INFORMATION ATTACHMENT C This Attachment addresses the Contractor s responsibility for safeguarding Compliant Data and Business Sensitive Information
More informationLaw enforcement in the clouds - challenges
Octopus Conference 2010 Outlook session on security and privacy in the clouds Law enforcement in the clouds - challenges Strasbourg, 25 March 2010 Alexander Seger Council of Europe, Strasbourg, France
More informationData Processing Agreement for Oracle Cloud Services
Data Processing Agreement for Oracle Cloud Services Version December 1, 2013 1. Scope and order of precedence This is an agreement concerning the Processing of Personal Data as part of Oracle s Cloud Services
More informationArticle 29 Working Party Issues Opinion on Cloud Computing
Client Alert Global Regulatory Enforcement If you have questions or would like additional information on the material covered in this Alert, please contact one of the authors: Cynthia O Donoghue Partner,
More informationData protection issues on an EU outsourcing
Data protection issues on an EU outsourcing Saam Golshani, Alastair Gorrie and Diego Rigatti, Orrick Herrington & Sutcliffe www.practicallaw.com/8-380-8496 Outsourcing can mean subcontracting a process
More informationPrivacy and Personal Data Protection: Legal Context and Social Perception
Privacy and Personal Data Protection: Legal Context and Social Perception Estelle De Marco Inthemis FIA 2011 Budapest Economics of Privacy Wednesday 18 May 2011 Privacy (12 UDHR, 17 ICCPR, 8 ECHR, 7 EU
More informationData Protection and Cloud Computing: an Overview of the Legal Issues
Data Protection and Cloud Computing: an Overview of the Legal Issues Christopher Kuner Partner, Hunton & Williams, Brussels Research Assistant, University of Copenhagen Nordic IT Law Conference Copenhagen,
More informationBYOD Privacy and Security in Europe
BYOD Privacy and Security in Europe BYOD: Overview 2 BYOD Overview 38% of companies expect to stop providing electronic devices to their employees by 2016 (1) According to a 2013 survey conducted by Cisco,
More informationCloud computing Alessandro Galtieri Pavel Klimov Severin Loeffler
Cloud computing Alessandro Galtieri, Senior Lawyer, Colt Technology Services, London, UK Pavel Klimov, General Counsel EMEA, Unisys, London, UK Severin Loeffler, Assistant General Counsel, Central Eastern
More informationI. Background information
A clean and open Internet: Public consultation on procedures for notifying and acting on illegal content hosted by online intermediaries I. Background information 1. Please indicate your role for the purpose
More informationResponse of the Northern Ireland Human Rights Commission on the Health and Social Care (Control of Data Processing) NIA Bill 52/11-16
Response of the Northern Ireland Human Rights Commission on the Health and Social Care (Control of Data Processing) NIA Bill 52/11-16 Summary The Northern Ireland Human Rights Commission (the Commission):
More informationTERMS AND CONDITIONS OF USE OF THE WEBSITE GENERAL TERMS AND CONDITIONS
TERMS AND CONDITIONS OF USE OF THE WEBSITE GENERAL TERMS AND CONDITIONS Preamble Touscoprod, an EURL with capital of 7,500 Euros, listed on the Paris Companies Registry as number 510 096 365, with registered
More informationPersonal data and cloud computing, the cloud now has a standard. by Luca Bolognini
Personal data and cloud computing, the cloud now has a standard by Luca Bolognini Lawyer, President of the Italian Institute for Privacy and Data Valorization, founding partner ICT Legal Consulting Last
More informationPersonnalisez votre intérieur avec les revêtements imprimés ALYOS design
Plafond tendu à froid ALYOS technology ALYOS technology vous propose un ensemble de solutions techniques pour vos intérieurs. Spécialiste dans le domaine du plafond tendu, nous avons conçu et développé
More informationEmployee monitoring in France. January 2010. Contents. Legal Framework 1
Employee monitoring in France January 2010 Contents Legal Framework 1 Principal situations where an individual's privacy is restricted in the workplace 1 Potential disciplinary sanctions applied to employees
More informationTerms & Conditions of HYPE Softwaretechnik GmbH ( HYPE ) for HYPE Enterprise Express (Version October 2015) 1 Scope
1 Scope 1 (1) These terms and conditions (the T&C HYPE Enterprise Express ) together with the description of the Software Services provided by HYPE accepted by Customer by completing the HYPE Enterprise
More informationThe Use of Cloud Computing for the Storing and Accessing of Client Information: Some Practical and Ethical Considerations
The Use of Cloud Computing for the Storing and Accessing of Client Information: Some Practical and Ethical Considerations Jeffrey D. Scott Jeffrey D. Scott, Legal Professional Corporation Practice Advisors
More informationOverview. Data protection in a swirl of change 28.03.2014. Cloud computing. Software as a service. Infrastructure as a service. Platform as a service
Data protection in a swirl of change Overview 1 Data protection issues in cloud computing 2 Consent for mobile applications Security Seminar 2014: Privacy Radboud University Nijmegen 3 The WhatsApp case
More informationCyber Security and Cloud Computing. Dr Daniel Prince Course Director MSc in Cyber Security d.prince@lancaster.ac.uk
Cyber Security and Cloud Computing Dr Daniel Prince Course Director MSc in Cyber Security d.prince@lancaster.ac.uk Scope of Today SME Attractors for Cloud Switching to the Cloud Public Private Hybrid Big
More informationCloud Service Agreements: Avoiding the Pitfalls of the Cloud as a Commodity. Amy Mushahwar, Esq.
Cloud Service Agreements: Avoiding the Pitfalls of the Cloud as a Commodity Amy Mushahwar, Esq. What s New? Not That Much. Some have their heads in the cloud we prefer to stay down in the weeds and know
More informationCloud Computing: Trust But Verify
Cloud Computing: Trust But Verify 14th Annual Privacy and Security Conference February 8, 2013, Victoria Martin P.J. Kratz, QC Bennett Jones LLP Cloud Computing Provision of services available on the Internet
More informationCloud Computing: Legal Risks and Best Practices
Cloud Computing: Legal Risks and Best Practices A Bennett Jones Presentation Toronto, Ontario Lisa Abe-Oldenburg, Partner Bennett Jones LLP November 7, 2012 Introduction Security and Data Privacy Recent
More informationLegal Issues Associated with Cloud Computing. Laurin H. Mills May 13, 2009
Legal Issues Associated with Cloud Computing Laurin H. Mills May 13, 2009 What Is Cloud Computing? The cloud is a metaphor for the Internet Leverages the connectivity of the Internet to optimize the utility
More informationISO 27001 Controls and Objectives
ISO 27001 s and Objectives A.5 Security policy A.5.1 Information security policy Objective: To provide management direction and support for information security in accordance with business requirements
More informationLAWYERING IN THE CLOUD CRIB NOTES 2012 Charles F. Luce, Jr. coloradolegalethics.com/ (alpha release)
CHARLES LUCE S LAWYERING IN THE CLOUD CRIB NOTES 2012 Charles F. Luce, Jr. coloradolegalethics.com/ (alpha release) A. Cloud Computing Defined: n. A loosely defined term for any system providing access
More informationData Privacy in the Cloud: A Dozen Myths & Facts
Data Privacy in the Cloud: A Dozen Myths & Facts March 7-9 Washington DC Presented by: Barbara Cosgrove, Chief Security Officer, Workday, Inc. Lothar Determann, Partner, Baker & McKenzie LLP We re taking
More informationBRITISH COUNCIL DATA PROTECTION CODE FOR PARTNERS AND SUPPLIERS
BRITISH COUNCIL DATA PROTECTION CODE FOR PARTNERS AND SUPPLIERS Mat Wright www.britishcouncil.org CONTENTS Purpose of the code 1 Scope of the code 1 The British Council s data protection commitment and
More informationISO27001 Controls and Objectives
Introduction This reference document for the University of Birmingham lists the control objectives, specific controls and background information, as given in Annex A to ISO/IEC 27001:2005. As such, the
More informationHow To Protect Your Data In The Cloud
Cloud Computing Hot topics in relation to security, liability and privacy Steven De Schrijver Cloud Computing : who and what is involved? Data Cloud Service Provider (e.g. SaaS, PaaS, IaaS) Sub-contractor
More informationPROPOSAL 20. Resolution 130 of Marrakesh on the role of ITU in information and communication network security
PROPOSAL 20 Resolution 130 of Marrakesh on the role of ITU in information and network security Submitted by the following Member States: Germany (Federal Republic of), Austria, Belarus (Republic of), Bulgaria
More informationAltiris Patch Management Solution for Windows 7.6 from Symantec Third-Party Legal Notices
Appendix A Altiris Patch Management Solution for Windows 7.6 from Symantec Third-Party Legal Notices This appendix includes the following topics: Third-Party Legal Attributions CabDotNet MICROSOFT PLATFORM
More informationHow To Become A Successful Computer Scientist
EIT ICT Labs Information & Communication Technology Labs Master in ICT Comment passer 1 an ailleurs en Europe, puis revenir à UNS dans le M2 IFI Parcours UBINET EIT ICT Labs Strategy Integrating the Knowledge
More informationCloud Computing and Privacy Laws! 17.7. 22.7. 2011 Prof. Dr. Thomas Fetzer, LL.M. Technische Universität Dresden Law School
DEUTSCH-FRANZÖSISCHE SOMMERUNIVERSITÄT! FÜR NACHWUCHSWISSENSCHAFTLER 2011! CLOUD COMPUTING : HERAUSFORDERUNGEN UND MÖGLICHKEITEN UNIVERSITÉ DʼÉTÉ FRANCO-ALLEMANDE POUR JEUNES CHERCHEURS 2011! CLOUD COMPUTING
More informationTitle Sujet: MDM Professional Services Solicitation No. Nº de l invitation Date: 1000313802_A August 13, 2013
RETURN BID TO/ RETOURNER LES SOUMISSIONS À : Canada Border Services Agency Cheque Distribution and Bids Receiving Area 473 Albert Street, 6 th floor Ottawa, ON K1A 0L8 Facsimile No: (613) 941-7658 Bid
More informationINFORMATION TECHNOLOGY CHARTER
INFORMATION TECHNOLOGY CHARTER INFORMATION TECHNOLOGY CHARTER Reference : extract- internal rules and regulations Name Position Date and signature Author Revised by Validation: Bruno Frédéric Head of IT
More informationAnnex 1. Contract Checklist for Cloud-Based Genomic Research Version 1.0, 21 July 2015
Annex 1. Contract Checklist for Cloud-Based Genomic Research Version 1.0, 21 July 2015 The following comprises a checklist of areas that genomic research organizations or consortia (collectively referred
More informationContracting with a Cloud Service Provider DATA PROTECTION WORKSHOP NJERI OLWENY, MICROSOFT
Contracting with a Cloud Service Provider DATA PROTECTION WORKSHOP NJERI OLWENY, MICROSOFT Overview Cloud computing offers great opportunities for organizations, including schools, hospitals and businesses
More informationTELEFÓNICA UK LTD. Introduction to Security Policy
TELEFÓNICA UK LTD Introduction to Security Policy Page 1 of 7 CHANGE HISTORY Version No Date Details Authors/Editor 7.0 1/11/14 Annual review including change control added. Julian Jeffery 8.0 1/11/15
More informationWhite Paper. Improved Delivery and Management of Critical Information: Solicitors Regulation Authority Compliance
White Paper Improved Delivery and Management of Critical Information: Solicitors Regulation Authority Compliance Author Document Number Revision Issue Date Copyright : : : : : Ben Martin WHP-1010 V2.2
More informationAskAvanade: Answering the Burning Questions around Cloud Computing
AskAvanade: Answering the Burning Questions around Cloud Computing There is a great deal of interest in better leveraging the benefits of cloud computing. While there is a lot of excitement about the cloud,
More informationRisks and Countermeasures in the Public Cloud
Risks and Countermeasures in the Public Cloud Alessandro Vallega fond member of AIEA Security Business Development, Oracle Italy Oracle Community for Security Director Clusit Board of Directors Paragliding
More informationWork programme 2016 2018
ARTICLE 29 Data Protection Working Party 417/16/EN WP235 Work programme 2016 2018 Adopted on 2 February 2016 This Working Party was set up under Article 29 of Directive 95/46/EC. It is an independent European
More informationDeclaration of Internet Rights Preamble
Declaration of Internet Rights Preamble The Internet has played a decisive role in redefining public and private space, structuring relationships between people and between people and institutions. It
More informationCOUNCIL OF THE EUROPEAN UNION. Brussels, 22 November 2006 15644/06 DATAPROTECT 45 EDPS 3
COUNCIL OF THE EUROPEAN UNION Brussels, 22 November 2006 15644/06 DATAPROTECT 45 EDPS 3 COVER NOTE from: Secretary-General of the European Commission, signed by Mr Jordi AYET PUIGARNAU, Director date of
More informationThe impact of the personal data security breach notification law
ICTRECHT The impact of the personal data security breach notification law On 1 January 2016 legislation will enter into force in The Netherlands requiring organisations to report personal data security
More informationData Security and Privacy Principles for IBM SaaS How IBM Software as a Service is protected by IBM s security-driven culture
Data Security and Privacy Principles for IBM SaaS How IBM Software as a Service is protected by IBM s security-driven culture 2 Data Security and Privacy Principles for IBM SaaS Contents 2 Introduction
More informationApplication of Data Protection Concepts to Cloud Computing
Application of Data Protection Concepts to Cloud Computing By Denitza Toptchiyska Abstract: The fast technological development and growing use of cloud computing services require implementation of effective
More informationThe problem of cloud data governance
The problem of cloud data governance Vasilis Tountopoulos, Athens Technology Center S.A. (ATC) CSP EU Forum 2014 - Thursday, 22 nd May, 2014 Focus on data protection in the cloud Why data governance in
More informationEnterprise Risk Management & Board members. GUBERNA Alumni Event June 19 th 2014 Prepared by Gaëtan LEFEVRE
Enterprise Risk Management & Board members GUBERNA Alumni Event June 19 th 2014 Prepared by Gaëtan LEFEVRE Agenda Introduction Do we need Risk Management? The 8 th EU Company Law Directive Art 41, 2b Three
More informationPresidency conclusions on establishing a strategy to combat the manipulation of sport results
COU CIL OF THE EUROPEA U IO EN Presidency conclusions on establishing a strategy to combat the manipulation of sport results 3201st EDUCATIO, YOUTH, CULTURE and SPORT Council meeting Brussels, 26 and 27
More informationInsurance Europe key messages on the European Commission's proposed General Data Protection Regulation
Position Paper Insurance Europe key messages on the European Commission's proposed General Data Protection Regulation Our reference: SMC-DAT-12-064 Date: 3 September 2012 Related documents: Proposal for
More informationPanel 1. Greater Regulation of Special Threats to Privacy. Data Protection in the 21st Century
Panel 1 Greater Regulation of Special Threats to Privacy Data Protection in the 21st Century Questions for Panel 1 Greater Regulation of Special Threats to Privacy I. Need for reform What are currently
More informationCLOUD COMPUTING FOR SMALL- AND MEDIUM-SIZED ENTERPRISES:
CLOUD COMPUTING FOR SMALL- AND MEDIUM-SIZED ENTERPRISES: Privacy Responsibilities and Considerations Cloud computing is the delivery of computing services over the Internet, and it offers many potential
More informationRFP AMENDMENT#2 DDP MODIFICATION#2
RETURN BIDS TO: RETOURNER LES SOUMISSIONS Á: Parks Canada Agency Bids Receiving 111 Water Street East Cornwall, ON K6H 6S3 RFP AMENDMENT#2 DDP MODIFICATION#2 Proposal to: Parks Canada Agency We hereby
More informationData Privacy and Security for Market Research in the Cloud
Data Privacy and Security for Market Research in the Cloud Peter Milla IIeX2015 NA Agenda Page 2 1. Background 2. Why the Cloud? 3. Data Privacy and Data Security in the Cloud 4. How do We Deal with It?
More informationCOMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS
EUROPEAN COMMISSION Brussels, XXX [ ](2011) XXX draft COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS
More informationAcquia Comments on EU Recommendations for Data Processing in the Cloud
Acquia Comments on EU Recommendations for Data Processing in the Cloud Executive Summary On July 1, 2012, European Union (EU) data protection regulators provided guidelines for service providers processing
More informationNote concernant votre accord de souscription au service «Trusted Certificate Service» (TCS)
Note concernant votre accord de souscription au service «Trusted Certificate Service» (TCS) Veuillez vérifier les éléments suivants avant de nous soumettre votre accord : 1. Vous avez bien lu et paraphé
More informationCloud Computing Risks & Reality. Sandra Liepkalns, CRISC sandra.liepkalns@netrus.com
Cloud Computing Risks & Reality Sandra Liepkalns, CRISC sandra.liepkalns@netrus.com What is Cloud Security The quality or state of being secure to be free from danger & minimize risk To be protected from
More informationChecklist: Cloud Computing Agreement
Checklist: Cloud Computing Agreement crosslaw s checklists Date : 21 November 2015 Version 1.4 Tags : ICT Law Johan Vandendriessche Johan is partner and heads the ICT/IP/Data Protection practice. He combines
More informationManaging Cyber Risk through Insurance
Managing Cyber Risk through Insurance Eric Lowenstein Aon Risk Solutions This presentation has been prepared for the Actuaries Institute 2015 ASTIN and AFIR/ERM Colloquium. The Institute Council wishes
More informationAnchor Bay Schools Software Policy
Anchor Bay Schools Software Policy Table of Contents 1. Statement of Ethics... Page 1 2. Purchasing and Acquisition... Page 1 3. Registration... Page 1 4. Installation of Software... Page 2 5. Individual
More informationEMMANUEL CE VA MIDDLE SCHOOL. IT Security Standards
EMMANUEL CE VA MIDDLE SCHOOL IT Security Standards 1. Policy Statement The work of Schools and the County Council is increasingly reliant upon Information & Communication Technology (ICT) and the data
More informationAltiris Patch Management Solution for Windows 7.5 SP1 from Symantec Third-Party Legal Notices
Appendix A Altiris Patch Management Solution for Windows 7.5 SP1 from Symantec Third-Party Legal Notices This appendix includes the following topics: Third-Party Legal Attributions CabDotNet XML-RPC.NET
More informationINFORMATION SECURITY POLICY. Contents. Introduction 2. Policy Statement 3. Information Security at RCA 5. Annexes
INFORMATION SECURITY POLICY Ratified by RCA Senate, February 2007 Contents Introduction 2 Policy Statement 3 Information Security at RCA 5 Annexes A. Applicable legislation and interpretation 8 B. Most
More informationCloud Computing and Records Management
GPO Box 2343 Adelaide SA 5001 Tel (+61 8) 8204 8773 Fax (+61 8) 8204 8777 DX:336 srsarecordsmanagement@sa.gov.au www.archives.sa.gov.au Cloud Computing and Records Management June 2015 Version 1 Version
More informationDrawing Lines in the Cloud: Jurisdictional Access to Data. Nancy Libin Mary Ellen Callahan
Drawing Lines in the Cloud: Jurisdictional Access to Data Nancy Libin Mary Ellen Callahan OVERVIEW Introduction to Cloud Computing Definition Benefits and Risks How does the physical location of data or
More informationThe United Nations Convention against Corruption An Overview
The United Nations Convention against Corruption An Overview The United Nations Convention against Corruption Adopted by the General Assembly: Resolution 58/4, 31 October 2003 Entry into Force: 14 December
More informationPrivacy and Cloud Computing for Australian Government Agencies
Privacy and Cloud Computing for Australian Government Agencies Better Practice Guide February 2013 Version 1.1 Introduction Despite common perceptions, cloud computing has the potential to enhance privacy
More informationCloud Security Introduction and Overview
Introduction and Overview Klaus Gribi Senior Security Consultant klaus.gribi@swisscom.com May 6, 2015 Agenda 2 1. Cloud Security Cloud Evolution, Service and Deployment models Overview and the Notorious
More informationWorking Party on Information Security and Privacy
Unclassified DSTI/ICCP/REG(2003)5/REV1 DSTI/ICCP/REG(2003)5/REV1 Unclassified Organisation de Coopération et de Développement Economiques Organisation for Economic Co-operation and Development 02-Jul-2003
More informationWhat s the Path? Information Life-cycle part of Vendor Management
Disclaimer The materials provided in this presentation and any comments or information provided by the presenter are for educational purposes only and nothing conveyed or provided should be considered
More informationENIL. European Network on Independent Living. Christian Bayerlein
ENIL European Network on Independent Living Christian Bayerlein ENIL About us: History, Aims and Mission, People Institutions P.A. models, terms, advantages Socio-economic advantages The UN-Convention
More informationCONTRACT MANAGEMENT POLICY
CONTRACT MANAGEMENT POLICY Division I : General provisions 1. Purpose The Town of Kirkland hereby establishes various rules pertaining to contract management with a view to promoting transparency, fairness,
More informationRAPPORT FINANCIER ANNUEL PORTANT SUR LES COMPTES 2014
RAPPORT FINANCIER ANNUEL PORTANT SUR LES COMPTES 2014 En application de la loi du Luxembourg du 11 janvier 2008 relative aux obligations de transparence sur les émetteurs de valeurs mobilières. CREDIT
More informationCloud Services Agreement & SLA
Cloud Services Agreement & SLA This agreement ( Agreement ) is between APH Inc. (which may be doing business as Codero, or other fictitious names, and which is referred to in this Agreement as Codero )
More informationPRIVACY CHECKLIST FOR CLOUD SERVICE CONTRACTS
PRIVACY CHECKLIST FOR CLOUD SERVICE CONTRACTS CIRRUS WORSHOP 28 February 2013, The Interna
More informationPrivacy, the Cloud and Data Breaches
Privacy, the Cloud and Data Breaches Annelies Moens Head of Sales and Operations, Information Integrity Solutions Legalwise Seminars Sydney, 20 March 2013 About IIS Building trust and privacy through global
More informationTechnical Service Bulletin
Technical Service Bulletin FILE CONTROL CREATED DATE MODIFIED DATE FOLDER OpenDrive 02/05/2005 662-02-25008 Rev. : A Installation Licence SCO sur PC de remplacement English version follows. Lors du changement
More informationData Management Session: Privacy, the Cloud and Data Breaches
Data Management Session: Privacy, the Cloud and Data Breaches Annelies Moens Head of Sales and Operations, IIS President, iappanz IACCM APAC Australia Sydney, 1 August 2012 Overview Changing privacy regulation
More informationEDRi s. January 2015. European Digital Rights Rue Belliard 20, 1040 Brussels www.edri.org @EDRi tel. +32 (0) 2 274 25 70
EDRi s Red lines on TTIP January 2015 European Digital Rights Rue Belliard 20, 1040 Brussels www.edri.org @EDRi tel. +32 (0) 2 274 25 70 ABOUT EDRI European Digital Rights is a network of 34 privacy and
More informationJeanne Kelly, Partner Cloud Computing: The Legal Issues
Jeanne Kelly, Partner Cloud Computing: The Legal Issues 14 June 2010 One of the things we really need to watch out for is that we don t hold cloud deployment back because we have some storyline about how
More informationRole of contracts in Cloud Computing an Overview. Kevin McGillivray Doctoral Candidate (NRCCL)
Role of contracts in Cloud Computing an Overview Kevin McGillivray Doctoral Candidate (NRCCL) Barriers/Challenges to Cloud Transparency Compliance Legal Shared infrastructure Subcontractors (and their
More informationCloud Computing In a Post Snowden World. Guy Wiggins, Kelley Drye & Warren LLP Alicia Lowery Rosenbaum, Microsoft Legal and Corporate Affairs
Cloud Computing In a Post Snowden World Guy Wiggins, Kelley Drye & Warren LLP Alicia Lowery Rosenbaum, Microsoft Legal and Corporate Affairs Guy Wiggins Director of Practice Management Kelley Drye & Warren
More informationGOVERNMENT HOSTING. Cloud Service Security Principles Memset Statement. www.memset.com
GOVERNMENT HOSTING Cloud Service Security Principles Memset Statement Summary - March 2014 The Cabinet Office has produced a set of fourteen Cloud Service Security Principles to be considered when purchasers
More informationIsraeli Law Information and Technology Authority. Privacy and Data Security in the Cloud - The Israeli Perspective
הרשות למשפט, טכנולוגיה ומידע Israeli Law Information and Technology Authority Privacy and Data Security in the Cloud - The Israeli Perspective Amit Ashkenazi, Head of the Legal Department Outline Introduction
More informationReckon Tools Backup licence agreement
Reckon Tools Backup licence agreement RECKON LIMITED ( RECKON ) AGREES TO PROVIDE AND YOU AGREE TO RECEIVE THE SERVICES SUBJECT TO THE FOLLOWING TERMS AND CONDITIONS: 1. Your subscription to the back-up,
More informationPractical Overview on responsibilities of Data Protection Officers. Security measures
Practical Overview on responsibilities of Data Protection Officers Security measures Manuel Villaseca Spanish Data Protection Agency mvl@agpd.es Security measures Agenda: The rol of DPO on security measures
More informationNSW Government Digital Information Security Policy
NSW Government Digital Information Security Policy Version: 2.0 Date: April 2015 CONTENTS PART 1 PRELIMINARY... 3 1.1 Scope... 3 1.2 Application... 3 1.3 Objectives... 3 PART 2 POLICY STATEMENT... 4 Core
More informationDSTI/ICCP/REG(98)10/FINAL Or. Eng.
Unclassified DSTI/ICCP/REG(98)10/FINAL DSTI/ICCP/REG(98)10/FINAL Or. Eng. Unclassified Organisation de Coopération et de Développement Economiques OLIS : 18-Dec-1998 Organisation for Economic Co-operation
More informationPrivacy in Surveillance Systems in Banking and Finance Call Centers
The project European Union Regulation of Financial Services online (175798-LLP-1-2010-1-CZ-AJM- MO) executed from 2011 to 2013 is cofinanced from the resources of Directorate General Education and Culture
More informationHow not to lose your head in the Cloud: AGIMO guidelines released
How not to lose your head in the Cloud: AGIMO guidelines released 07 December 2011 In brief The Australian Government Information Management Office has released a helpful guide on navigating cloud computing
More informationINFORMATION SECURITY GUIDE. Cloud Computing Outsourcing. Information Security Unit. Information Technology Services (ITS) July 2013
INFORMATION SECURITY GUIDE Cloud Computing Outsourcing Information Security Unit Information Technology Services (ITS) July 2013 CONTENTS 1. Background...2 2. Legislative and Policy Requirements...3 3.
More informationCP3043 Social, Legal and Professional Aspects of Computing. Mr Graham Brown. Assessment 2
CP3043 Social, Legal and Professional Aspects of Computing Mr Graham Brown Assessment 2 Colin Hopson 0482647 Wednesday 16 th April 2008 i Contents 1 Introduction... 1 1.1 The Bridgeway Building Society...
More information