Problematické aspekty ochrany osobních údajů / Problematic Aspects of Personal Data Protection

Všetečková, Anna

January 2018

The thesis consists of five chapters, introduction and conclusion. The author of the thesis deals with introduction to the problematics of personal data protection and its relevance in the contemporary world in the introduction of the diploma thesis as well as with demarcation of the aims of the work. In the first chapter, the basic sources of legislation in the area of personal data protection are demarcated, both in Czech and in European and international level. In the second chapter, the attention is paid to the basics of the legislation in the area of personal data protection, whereas the author deals with demarcation of basic concepts, in the second subchapter she gives an overview of basic principles of personal data processing and in the third subchapter she summarizes legal titles for personal data processing. The institute of Data Protection Officer within the meaning of General Regulation is analysed in the third chapter. The first subchapter deals with demarcation of cases where the processor is obliged to designate the Data Protection Officer. The author pays attention to the problematics of requirements for qualification of the Data Protection Officer in the second subchapter. The major theme of third and fourth subchapter is demarcation of Data Protection Officers position to the controller...

The Economics of Data Breach: Asymmetric Information and Policy Interventions

Garcia, Michael Erik

23 July 2013

No description available.

Economics

Information Technology

cybersecurity

cyber security

data breach

economics

data breach notification

information security

information security economics

An Analysis of the Impact of Information Security Policies on Computer Security Breach Incidents in Law Firms

Heikkila, Faith M.

01 January 2009

Law firms maintain and store voluminous amounts of highly confidential and proprietary data, such as attorney-client privileged information, intellectual properties, financials, trade secrets, personal, and other sensitive information. There is an ethical obligation to protect law firm client data from unauthorized access. Security breaches jeopardize the reputation of the law firm and could have a substantial financial impact if these confidential data are compromised. Information security policies describe the security goals of a law firm and the acceptable actions and uses of law firm information resources. In this dissertation investigation, the author examined the problem of whether information security policies assist with preventing unauthorized parties from accessing law firm confidential and sensitive information. In 2005, Doherty and Fulford performed an exploratory analysis of security policies and security breach incidents that highlighted the need for research with different target populations. This investigation advanced Doherty and Fulford's research by targeting information security policies and security breach incidents in law firms. The purpose of this dissertation investigation was to determine whether there is a correlation between the timing of security policy development (proactive versus reactive policy development) and the frequency and severity of security breach incidents in law firms of varying sizes. Outcomes of this investigation correlated with Doherty and Fulford's general findings of no evidence of statistically significant relationships between the existence of a written information security policy and the frequency and severity of security breach incidents within law firms. There was also a weak relationship between infrequency of information security policy updates and increase of theft resources. Results demonstrated that, generally, written information security policies in law firms were not created in response to a security breach incident. These findings suggest that information security policies generally are proactively developed by law firms. Important contributions to the body of knowledge from this analysis included the effectiveness of information security policies in reducing the number of computer security breach incidents of law firms, an under represented population, in the information assurance field. Also, the analysis showed the necessity for law firms to become more immersed in state security breach notification law requirements.

computer security breach

data breach incidents

information security policy

law firms

personally identifiable information

state security breach notification laws

Computer Sciences

L'efficacité du régime de responsabilité civile comme mesure de contrainte au respect de l'obligation de sécurité des renseignements personnels

Lafont, Isabelle

11 1900

No description available.

Responsabilité civile

Sécurité informationnelle

Mesures de sécurité

Protection des renseignements personnels

Dommages-intérêts

Dommages-intérêts punitifs

Obligation de notification

Civil liability

Information security

Security safeguards

Protection of personal information

Damages

Punitive damages

Breach notification