scholarly journals GDPR implementation as the main reason for the regional fragmentation in the online mediasphere

2021 ◽  
Vol 273 ◽  
pp. 08099
Author(s):  
Mikhail Smolenskiy ◽  
Nikolay Levshin
Keyword(s):  
European Union ◽  
Data Protection ◽  
Personal Data ◽  
Main Role ◽  
The European Union ◽  
Protection Measures ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
The Usa ◽  
General Data

The EU’s General Data Protection Regulation (GDPR) applies not only to the territory of the European Union, but also to all information systems containing data of EU’s citizens around the world. Misusing or carelessly handling personal data bring fines of up to 20 million euros or 4% of the annual turnover of the offending company. This article analyzes the main trends in the global implementation of the GDPR. Authors considered and analyzed results of personal data protection measures in nineteen regions: The USA, Canada, China, France, Germany, India, Kazakhstan, Nigeria, Russia, South Korea and Thailand, as well as the European Union and a handful of other. This allowed identifying a direct pattern between the global tightening of EU’s citizens personal data protection and the fragmentation of the global mediasphere into separate national segments. As a result of the study, the authors conclude that GDPR has finally slowed down the globalization of the online mediasphere, playing a main role in its regional fragmentation.

scholarly journals Data Sharing Under the General Data Protection Regulation

Hypertension ◽  
2021 ◽  
Vol 77 (4) ◽  
pp. 1029-1035
Author(s):  
Antonia Vlahou ◽  
Dara Hallinan ◽  
Rolf Apweiler ◽  
Angel Argiles ◽  
Joachim Beige ◽  
...  
Keyword(s):  
European Union ◽  
Data Protection ◽  
Personal Data ◽  
Research Approach ◽  
The European Union ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
Protection Legislation ◽  
General Data ◽  
Almost All

The General Data Protection Regulation (GDPR) became binding law in the European Union Member States in 2018, as a step toward harmonizing personal data protection legislation in the European Union. The Regulation governs almost all types of personal data processing, hence, also, those pertaining to biomedical research. The purpose of this article is to highlight the main practical issues related to data and biological sample sharing that biomedical researchers face regularly, and to specify how these are addressed in the context of GDPR, after consulting with ethics/legal experts. We identify areas in which clarifications of the GDPR are needed, particularly those related to consent requirements by study participants. Amendments should target the following: (1) restricting exceptions based on national laws and increasing harmonization, (2) confirming the concept of broad consent, and (3) defining a roadmap for secondary use of data. These changes will be achieved by acknowledged learned societies in the field taking the lead in preparing a document giving guidance for the optimal interpretation of the GDPR, which will be finalized following a period of commenting by a broad multistakeholder audience. In parallel, promoting engagement and education of the public in the relevant issues (such as different consent types or residual risk for re-identification), on both local/national and international levels, is considered critical for advancement. We hope that this article will open this broad discussion involving all major stakeholders, toward optimizing the GDPR and allowing a harmonized transnational research approach.

scholarly journals ALGORITHM OF USER’S PERSONAL DATA PROTECTION AGAINST DATA LEAKS IN WINDOWS 10 OS

2019 ◽  
Vol 9 (1) ◽  
pp. 41-44
Author(s):  
Olexander Zadereyko ◽  
Olena Trofymenko ◽  
Nataliia Loginova
Keyword(s):  
European Union ◽  
Operating Systems ◽  
Data Protection ◽  
Computer Systems ◽  
Personal Data ◽  
The European Union ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
Processing Data ◽  
General Data

In the European Union, in the first half of 2018, the General Data Protection Regulation came into force, which established the new rules for processing users’ personal data for IT companies. The operating systems (OS) are the dominant software that is responsible for collecting and processing data in computer systems. The most common OS is the Windows OS family. The authors identified Windows 10 operating systems, that collect and accumulate user's personal data; developed and tested practically an algorithm, the application of which localizes and blocks the transfer of user's personal data to official servers of the Microsoft company.

scholarly journals Credit-Based Insurance Scores: some Observations in the Light of the European General Data Protection Regulation

2020 ◽  
pp. 155-186
Author(s):  
María Dolores Mas Badia
Keyword(s):  
Data Protection ◽  
Personal Data ◽  
Insurance Companies ◽  
The European Union ◽  
History Data ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
Credit History ◽  
Automated Processing ◽  
General Data

Despite the differences between credit risk and insurance risk, in many countries large insurance companies include credit history amongst the information to be taken into account when assigning consumers to risk pools and deciding whether or not to offer them an auto or homeowner insurance policy, or to determine the premium that they should pay. In this study, I will try to establish some conclusions concerning the requirements and limits that the use of credit history data by insurers in the European Union should be subject to. In order to do this, I shall focus my attention primarily on Regulation (EU) 2016/679. This regulation, that came into force on 24 May 2018, not only forms the backbone of personal data protection in the EU, but is also set to become a model for regulation beyond the borders of the Union. This article will concentrate on two main aspects: the lawful basis for the processing of credit history data by insurers, and the rules that should apply to decisions based solely on automated processing, including profiling.Received: 30 December 2019Accepted: 07 February 2020Published online: 02 April 2020

scholarly journals OpenEHR and General Data Protection Regulation: Evaluation of Principles and Requirements (Preprint)

2018 ◽  
Author(s):  
Duarte Gonçalves-Ferreira ◽  
Mariana Sousa ◽  
Gustavo M Bacelar-Silva ◽  
Samuel Frade ◽  
Luís Filipe Antunes ◽  
...  
Keyword(s):  
Data Protection ◽  
Personal Data ◽  
Design Principles ◽  
Security And Privacy ◽  
The European Union ◽  
Health Records ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
General Data ◽  
The Common

BACKGROUND Concerns about privacy and personal data protection resulted in reforms of the existing legislation in the European Union (EU). The General Data Protection Regulation (GDPR) aims to reform the existing directive on the topic of personal data protection of EU citizens with a strong emphasis on more control of the citizens over their data and in the establishment of rules for the processing of personal data. OpenEHR is a standard that embodies many principles of interoperable and secure software for electronic health records (EHRs) and has been advocated as the best approach for the development of hospital information systems. OBJECTIVE This study aimed to understand to what extent the openEHR standard can help in the compliance of EHR systems to the GDPR requirements. METHODS A list of requirements for an EHR to support GDPR compliance and also a list of the openEHR design principles were made. The requirements were categorized and compared with the principles by experts on openEHR and GDPR. RESULTS A total of 50 GDPR requirements and 8 openEHR design principles were identified. The openEHR principles conformed to 30% (15/50) of GDPR requirements. All the openEHR principles were aligned with GDPR requirements. CONCLUSIONS This study showed that the openEHR principles conform well to GDPR, underlining the common wisdom that truly realizing security and privacy requires it to be built in from the start. By using an openEHR-based EHR, the institutions are closer to becoming compliant with GDPR while safeguarding the medical data.

scholarly journals Impact of the European General Data Protection Regulation (GDPR) on Health Data Management in a European Union Candidate Country: A Case Study of Serbia (Preprint)

2019 ◽  
Author(s):  
Branko Marovic ◽  
Vasa Curcin
Keyword(s):  
European Union ◽  
Health System ◽  
Data Protection ◽  
Personal Data ◽  
Health Data ◽  
Candidate Country ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
General Data ◽  
The Eu

UNSTRUCTURED As of May 2018, all relevant institutions within member countries of the European Economic Area are required to comply with the European General Data Protection Regulation (GDPR) or face significant fines. This regulation has also had a notable effect on the European Union (EU) candidate countries, which are undergoing the process of harmonizing their legislature with the EU as part of the accession process. The Republic of Serbia is an example of such a candidate country, and its 2018 Personal Data Protection Act mirrors the majority of provisions in the GDPR. This paper presents the impact of the GDPR on health data management and Serbia’s capability to conduct international health data research projects. Data protection incidents reported in Serbia are explored to identify common underlying causes using a novel taxonomy of contributing factors across aspects and health system levels. The GDPR has an extraterritorial application for the non-EU data controllers who process the data of EU citizens and residents, which mainly affects private practices used by medical tourists from the EU, public health care institutions frequented by foreigners, as well as expatriates, dual citizens, tourists, and other visitors. Serbia generally does not have well-established procedures to support international research collaborations around its health data. For smaller projects, contractual arrangements can be made with health data providers and their ethics committees. Even then, organizations that have not previously participated in similar ventures may require approval or support from health authorities. Extensive studies that involve multisite data typically require the support of central health system institutions and relevant research data aggregators or electronic health record vendors. The lack of a framework for preparation, anonymization, and assurance of privacy preservation forces researchers to rely heavily on local expertise and support. Given the current limitation and potential issues with the legislation, it remains to be seen whether the move toward the GDPR will be beneficial for the Serbian health system, medical research, protection of personal data and privacy rights, and research capacity. Although significant progress has been made so far, a strategic approach is needed at the national level to address insufficient resources in the area of data protection and develop the personal data protection environment further. This will also require a targeted educational effort among health workers and decision makers, aiming to improve awareness and develop skills and knowledge necessary for the workforce.

SEVERAL QUESTIONS REGARDING THE RULES FOR THE PROTECTION OF PERSONAL DATA IN KINDERGARTEN

2021 ◽  
Vol 12 (1) ◽  
pp. 261-268
Author(s):  
Angel Manchev ◽  
Keyword(s):  
Data Protection ◽  
Technological Progress ◽  
Data Exchange ◽  
Personal Data ◽  
The European Union ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
The Core ◽  
General Data ◽  
The Republic

The protection of personal data is one of the core values of modern European societies. This protection is provided by the law of the European Union and by the national legislations of the Member States, to which the Republic of Bulgaria also belongs. As of May 25, 2018, the protection of personal data is being expanded and updated in response to technological progress and the increasingly accelerated data exchange. The reason for this is the entry into force of Regulation (EU ) 2016/679 (General Data Protection Regulation, GDPR) and the changes in our national law that it imposes. In the sense of what has been said so far, the issues of personal data protection in children’s institutions are especially relevant, because these organizations actively handle personal data at any level of children, parents, teachers and staff. In this article, we will try to give short answers to some of the most important questions regarding personal data and the rules for their protection, according to European and Bulgarian legislation.

scholarly journals The Impact of the New European Union General Data Protection Regulation (GDPR) on Data Collection at Mass Gatherings

2019 ◽  
Vol 34 (s1) ◽  
pp. s138-s138
Author(s):  
Annelies Scholliers ◽  
Dimitri De Fré ◽  
Inge D’haese ◽  
Stefan Gogaert
Keyword(s):  
European Union ◽  
Data Collection ◽  
Data Protection ◽  
Scientific Research ◽  
Personal Data ◽  
The European Union ◽  
General Data Protection Regulation ◽  
Mass Gatherings ◽  
General Data ◽  
The Law

Introduction:As of May 2018, a new European privacy law called the General Data Protection Regulation (GDPR) is in order. With this law, every organization operating in the European Union (EU), needs to adhere to a strict set of rules concerning collection and processing of personal data.Aim:To explore the consequences of the GDPR for data collection at mass gatherings in the European Union.Methods:Since the law was published on April 27, 2016, a thorough reading of the law was conducted by 4 persons with a background in mass gathering health. The GDPR consists of 99 articles organized into 11 chapters. There are also 173 recitals to further explain certain ambiguities. Key articles and recitals relating to healthcare and scientific research were identified. Possible pitfalls and opportunities for data collection and processing at mass gatherings were noted.Discussion:Under article 4, key definitions are noted. There is a clear definition of “data concerning health”. According to the GDPR, health data is a special category of personal data which should not be processed according to article 9(1). However, there is an exception for scientific research (article 9(2)(j)). There are a few safeguards in place, as laid out in article 89. One interesting point is that according to article 89(2), certain derogations can take place if the law interferes with scientific research. The GDPR has major consequences for data collection and processing in the EU. However, with the use of certain safeguards (e.g., pseudonymization) there are still ample opportunities for scientific research. It is important to review one’s method of data collection to make sure it complies with the GDPR.

scholarly journals Personal Data Security in South Africa’s Financial Services Market: The Protection of Personal Information Act 4 of 2013 and the European Union General Data Protection Regulation Compared

2021 ◽  
Vol 24 ◽  
pp. 1-32
Author(s):  
Tapiwa V Warikandwa
Keyword(s):  
European Union ◽  
Data Protection ◽  
Financial Services ◽  
Personal Information ◽  
Personal Data ◽  
African Countries ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
General Data ◽  
Laws And Regulations

The contemporary global financial services market has witnessed a substantial increase in cybercrime which places consumers’ personal data at risk. Rapid increases in cybercrime linked to the financial services market have driven financial market regulators to pass novel laws and regulations aimed at curbing the rate of occurrence of cybercrimes connected to personal data sharing. To that end, banks and/or financial services companies in Europe have swiftly moved to comply with the European Union’s General Data Protection Regulation. Whilst personal data protection regulation is not a new concept in Europe, most African countries (with exception of South Africa) do not have laws and regulations on personal data protection. With the financial services market being extremely vulnerable to cyber risks owing to the digitisation of the financial services sector, it is important to assess the suitability of South Africa’s current regulatory framework concerning the protection of personal data. This article thus examines South Africa’s Protection of Personal Information Act 4 of 2013 with a view to ascertaining its suitability and/or adequacy in protecting personal data in the country’s financial services market. With the global Covid-19 pandemic bringing about concerns related to rapid increases in cyber-attacks in the financial services market owing to the increased sharing of the sensitive personal data of consumers, there is also need to test the POPIA’s conformity with the strict European Union GDPR personal data protection guidelines.

Sign in / Sign up

Export Citation Format

Share Document