Blog

02 Nov
#GDPR
#IT
#security
More penalties from the DPA

In September this year, the Office of Personal Data Protection imposed another administrative penalty on an entity that failed to comply with obligations that stem directly from the GDPR.

25 Jul
#GDPR
#IT
#security
What about the whistleblowers? – first penalties and the third installment of the whistleblower protection bill.

Directive (EU) 2019/1937 of the European Parliament and of the Council of 23 October 2019 on the protection of Union law whistleblowers has been in effect since December 17, 2021. However, as of today (25.07.2022), a law clarifying the requirements of the Directive on the protection of whistleblowers has not appeared in the Polish legal order.

19 Apr
#GDPR
#IT
#security
As an Administrator, can you choose the appropriate technical and organizational security measures necessary to ensure compliance with the GDPR?

The President of the Personal Data Protection Office imposed an administrative fine on the President of the District Court in Zgierz. The fine is not spectacular in terms of amount (PLN 10,000) and was imposed last year, but it is still worth paying attention to.

01 Mar
#GDPR
#IT
#security
#Tests
“Control” is the highest form of trust – why is it worth auditing your processors?

On February 28 this year, information about an administrative fine appeared on the UODO website. It was imposed on Fortum Marketing and Sales Polska. The President of UODO imposed an administrative fine in the amount of PLN 4,911,732.

21 Feb
#IT
#security
#Tests
CHARLIE – CRP alert level

From 21:00 on February 21 to 23:59 on March 4, the CHARLIE - CRP alert level applies throughout the country.

13 Jan
#GDPR
#IT
#security
#Tests
If you do not care about information security, expect a penalty from the President of the Personal Data Protection Office

On January 11, information was published about another administrative fine, in the amount of 45 thousand zlotys. This penalty is once again related to the Administrator's failure to apply appropriate technical and organizational measures to ensure the ongoing confidentiality of processing services, and to the failure to regularly test, measure and evaluate the effectiveness of those measures.

09 Sep
#IT
#security
#Tests
Monitoring the unknown

The PoC carried out with the SCADA systems monitoring tool lit a yellow warning light for us. Why is there such strange traffic in our theoretically sterile networks?

03 May
#IT
#security
#Tests
Due diligence – KSC

The National Cybersecurity System sets requirements for operators of key services and digital services. What are these requirements, which the Act describes quite sparingly? What does the Act itself say about how to ensure the security and continuity of key services?

04 May
#IT
#security
#Tests
Exercise of the rights of the data subject – how long does it take?

How long does it actually take to identify and exercise the data subject's rights? Does our register of activities support the implementation of rights? Can we automate the processes of exercising the rights of the data subject?

05 May
#IT
#security
#Tests
How do requests for the exercise of the rights of data subjects “disappear in the organization”?

A frequent problem for organizations is ensuring an effective and accountable internal communication channel, e.g. for implementing data subjects' rights or for reporting and handling violations of personal data protection.
