Global ETD Search

551	Implementering av Zero Trust i ett händelsestyrt meddelandesystem / Implementation of Zero Trust in an Event-Driven Messaging System Wilson, Paul-Stefan Luay, Bahadi, Georges January 2024 (has links) Denna rapport adresserar den centrala problemställningen kring säkerheten i händelsestyrda meddelandesystem genom att undersöka och implementera Zero Trust-arkitektur. Problemet är av stor relevans på grund av den ökande användningen av sådana system och det växande behovet av robusta säkerhetslösningar för att hantera utmaningar relaterade till asynkron kommunikation och datahantering. Zero Trust-modellen erbjuder en innovativ strategi för att förstärka säkerheten genom att eliminera implicit tillit och istället kontinuerligt verifiera användare och enheter, vilket gör det särskilt lämpligt för dynamiska och distribuerade system. Genom att utforska och analysera egenskaperna hos händelsestyrda meddelandesystem och identifiera de utmaningar som de presenterar för säkerhetsarkitekturen, undersöker rapporten en mängd olika metoder för att genomföra Zero Trust-principen. Genom en noggrann integrering av dessa metoder framhäver rapporten en effektiv och skalbar lösning för att säkra och skydda känsliga resurser och data i händelsestyrda meddelandesystem. Den presenterade lösningen belyser värdet av Zero Trust som en tillförlitlig modell för att hantera säkerhetsrisker och säkerställa en hållbar och robust arkitektur för asynkron kommunikation i moderna IT-system. / This report addresses the central issue of security in event-driven messaging systems by examining and implementing Zero Trust architecture. The problem is highly relevant due to the increasing use of such systems and the growing need for robust security solutions to manage challenges related to asynchronous communication and data handling. The Zero Trust model offers an innovative approach to enhancing security by eliminating implicit trust and instead continuously verifying users and devices, making it particularly suitable for dynamic and distributed systems. By exploring and analyzing the characteristics of event-driven messaging systems and identifying the challenges they present for security architecture, the report investigates various methods for implementing the Zero Trust principle. Through careful integration of these methods, the report highlights an effective and scalable solution for securing and protecting sensitive resources and data in event-driven messaging systems. The presented solution underscores the value of Zero Trust as a reliable model for addressing security risks and ensuring a sustainable and robust architecture for asynchronous communication in modern IT systems. Zero Trust Event-Driven Messaging Systems Security Asynchronous Communication Access Control Identity Management Implementation Data Protection Authorization Control Zero Trust händelsestyrt meddelandesystem säkerhet asynkron kommunikation identitetshantering implementering skydd av data behörighetskontroll Computer Engineering Datorteknik
552	Mapping out the Key Security Components in Relational Databases (MK-SCoRe) : Enhancing the Security of Relational Database Technology / Kartläggning av Nyckelkomponenter för Säkerhet i Relationsdatabaser (MK-SCoRe) : Förbättring av Säkerheten i Relationsdatabasteknik Alobaidi, Murtadha, Trabulsiah, Abdullah January 2024 (has links) Relational database security has become an increasingly important issue for organizations worldwide in the current era of data-driven operations. The urgent need for an extensive knowledge of relational database security components in relational databases is addressed in this thesis. Database security is constantly improving, but there is still a lack of research that analyzes these important factors. Because of this gap, databases are not sufficiently secured from new cyber threats, which endangers its accessibility, confidentiality, and integrity. The problem that the thesis addresses is the lack of comprehensive research covering all key security components in relational databases which, presents a challenge for organizations seeking to comprehensively secure their database systems. The purpose of this thesis is to systematically map the key security components essential to relational databases. The goal is to assist organizations and Database professionals to secure their relational databases against diverse cyber threats. Using a qualitative and exploratory methodology, the research analyzes a wide range of literature on database security. The research offers a balanced and comprehensive perspective on the current security landscape in relational databases by integrating theoretical study with structured interviews. This method guarantees that all essential security components is fully investigated. The results of this thesis involve a detailed mapping of the key security components within relational databases, which are uniquely informed by a combination of academic research and empirical findings from structured interviews with Database security experts. This thesis analyzes these security components based on how well they address current security threats, how well they secure databases, and how well they can adapt to different organizational needs. / Säkerhet i relationsdatabaser har blivit en allt viktigare fråga för organisationer världen över i den nuvarande eran av datadriven verksamhet. I den här avhandlingen behandlas det akuta behovet av en omfattande kunskap om säkerhetskomponenter för relationsdatabaser i relationsdatabaser. Databassäkerheten förbättras ständigt, men det finns fortfarande en brist på forskning som analyserar dessa viktiga faktorer. På grund av denna brist är databaser inte tillräckligt skyddade mot nya cyberhot, vilket äventyrar deras tillgänglighet, konfidentialitet och integritet. Problemet som avhandlingen tar upp är bristen på omfattande forskning som täcker alla viktiga säkerhetskomponenter i relationsdatabaser, vilket utgör en utmaning för organisationer som vill säkra sina databassystem på ett heltäckande sätt. Syftet med denna avhandling är att systematiskt kartlägga de viktigaste säkerhetskomponenterna som är väsentliga för relationsdatabaser. Målet är att hjälpa organisationer och databasspecialister att säkra sina relationsdatabaser mot olika cyberhot. Med hjälp av en kvalitativ och explorativ metod analyseras ett brett spektrum av litteratur om databassäkerhet. Forskningen erbjuder ett balanserat och omfattande perspektiv på det nuvarande säkerhetslandskapet i relationsdatabaser genom att integrera teoretiska studier med strukturerade intervjuer. Denna metod garanterar att alla väsentliga säkerhetskomponenter undersöks fullständigt. Resultatet av denna avhandling innebär en detaljerad kartläggning av de viktigaste säkerhetskomponenterna inom relationsdatabaser, som är unikt informerade av en kombination av akademisk forskning och empiriska resultat från strukturerade intervjuer med databassäkerhetsexperter. Denna avhandling analyserar dessa säkerhetskomponenter utifrån hur väl de hanterar aktuella säkerhetshot, hur väl de säkrar databaser och hur väl de kan anpassas till olika organisatoriska behov. Relational Database Security Database Security Cyber Threats Data Protection Access Control Database Vulnerabilities Encryption Network Security. Säkerhet i Relationsdatabaser Databassäkerhet Cyberhot Datasäkerhet Åtkomstkontroll Sårbarheter i Databaser Kryptering Nätverkssäkerhet. Computer and Information Sciences Data- och informationsvetenskap
553	Data Subject Rights in Mental Health Applications : Assessing the Exercise of Data Subject Rights under the GDPR / Rättigheter för Registrerade Personer i Mentala Hälsoappar : En Bedömning Enligt GDPR Gustafsson, Oliver January 2024 (has links) The rapid growth of Mobile Health (mHealth) applications, particularly those focusedon mental health, has provided accessible and affordable support for users’ well-being.However, this growth has raised substantial privacy concerns, especially regardinghandling sensitive personal health data. This thesis evaluates the extent to whichmental health apps allow users to exercise their Data Subject Rights (DSRs) under theEuropean General Data Protection Regulation (GDPR) and provides recommendationsfor enhancing data protection and user privacy. The primary objectives are to identifythe relevant DSRs for mental health apps, empirically assess the extent to which suchrights are respected on the existing apps, and propose actionable recommendationsfor improvement. The study’s methodology involved a comprehensive review ofprivacy policies, using automated tools for privacy assessment, and submitting DataSubject Access Requests (DSARs) to app providers. Findings indicate that whilesome apps demonstrate high conformity with DSRs, the majority still falls short invarious aspects. Common issues include inadequate transparency in privacy policies,incomplete responses to DSARs, and non-compliance with the right to data portability.Specifically, only 45.5% of apps responded to the DSARs with a partial or completeanswer, and only 40% of the responses contained data in machine-readable formats,meeting the requirements for data portability. The study emphasizes the need formental health app developers to enhance privacy practices, ensuring users are fullyinformed about data collection and usage, can easily access and delete their personaldata, and receive their data in portable formats. Recommendations include improvingthe clarity and accessibility of privacy policies, adopting best practices for datasecurity, and implementing user-friendly mechanisms for data access and deletion. Inconclusion, while progress has been made in GDPR compliance among mental healthapps, significant improvement is still needed. Addressing these challenges will betterprotect user privacy, build trust, and support the responsible development of digitalhealth technologies. / Den snabba tillväxten av mobila hälsoappar, särskilt de som fokuserar på psykisk hälsa,har gjort det möjligt för användare att få tillgång till prisvärt och lättillgängligt stöd förderas välbefinnande. Men denna tillväxt har också väckt betydande integritetsfrågor,särskilt när det gäller hantering av känsliga personuppgifter om hälsa. Dettaexamensarbete utvärderar i vilken utsträckning hälsoappar för psykisk ohälsa tillåteranvändare att utöva sina rättigheter enligt den europeiska dataskyddsförordningenoch bidrar med rekommendationer för att förbättra dataskydd och användarintegritet.De primära målen är att identifiera relevanta rättigheter för hälsoappar för psykiskohälsa, empiriskt bedöma i vilken utsträckning sådana rättigheter respekteras ibefintliga appar och föreslå konkreta rekommendationer för förbättring. Studienhar genomförts med en omfattande granskning av integritetspolicys, användning avautomatiserade verktyg för integritetsbedömning och inlämning av begäranden omregisterutdrag till applikationsleverantörer. Resultaten visar att även om vissa apparuppvisar hög överensstämmelse med rättigheterna från GDPR, faller majoritetenfortfarande kort på flera områden. Vanliga problem inkluderar otillräcklig transparensi integritetspolicys, ofullständiga svar på DSARs och bristande efterlevnad av rätten tilldataportabilitet. Specifikt svarade endast 45,5% av apparna på DSARs med ett delviseller komplett svar, och endast 40% av svaren innehöll data i maskinläsbara format,vilket uppfyller kraven för dataportabilitet. Studien betonar behovet för utvecklare avhälsoappar för psykisk ohälsa att förbättra deras integritet, säkerställa att användareär fullt informerade om datainsamling och användning, lätt kan komma åt och raderasina personuppgifter samt ta emot sin data i portabla format. Rekommendationerinkluderar att förbättra tydligheten och tillgängligheten av integritetspolicys, antabästa praxis för datasäkerhet och implementera användarvänliga mekanismer fördataåtkomst och radering. Sammanfattningsvis, även om framsteg har gjorts i GDPR-efterlevnad bland hälsoappar för psykisk ohälsa, behövs betydande förbättringar. Attta itu med dessa utmaningar kommer att bättre skydda användarnas integritet, byggaförtroende och stödja den ansvarsfulla utvecklingen av digitala hälsoteknologier. data protection privacy Data Subject Rights GDPR mobile health mHealth mental health apps empirical study dataskydd integritet Datasubjektets rättigheter GDPR mobil hälsa mentala hälsoappar empirisk studie Computer Sciences Datavetenskap (datalogi)
554	Development of a diagnostic instrument and privacy model for student personal information privacy perceptions at a Zimbabwean university Maguraushe, Kudakwashe 05 1900 (has links) Orientation: The safety of any natural being with respect to the processing of their personal information is an essential human right as specified in the Zimbabwe Data Protection Act (ZDPA) bill. Once enacted, the ZDPA bill will affect universities as public entities. It will directly impact how personal information is collected and processed. The bill will be fundamental in understanding the privacy perceptions of students in relation to privacy awareness, privacy expectations and confidence within university. These need to be understood to give guidelines to universities on the implementation of the ZPDA. Problem Statement: The current constitution and the ZDPA are not sufficient to give organisations guidelines on ensuring personal information privacy. There is need for guidelines to help organisations and institutions to implement and comply with the provisions of the ZDPA in the context of Zimbabwe. The privacy regulations, regarded as the three concepts (awareness, expectations and confidence), were used to determine the student perceptions. These three concepts have not been researched before in the privacy context and the relationship between the three concepts has not as yet been established. Research purpose: The main aim of the study was to develop and validate an Information Privacy Perception Survey (IPPS) diagnostic tool and a Student Personal Information Privacy Perception (SPIPP) model to give guidelines to universities on how they can implement the ZDPA and aid universities in comprehending student privacy perceptions to safeguard personal information and assist in giving effect to their privacy constitutional right. Research Methodology: A quantitative research method was used in a deductive research approach where a survey research strategy was applied using the IPPS instrument for data collection. The IPPS instrument was designed with 54 items that were developed from the literature. The preliminary instrument was taken through both the expert review and pilot study. Using the non-probability convenience sampling method, 287 students participated in the final survey. SPSS version 25 was used for data analysis. Both descriptive and inferential statistics were done. Exploratory factor analysis (EFA) was used to validate the instrument while confirmatory factor analysis (CFA) and the structural equation modelling (SEM) were used to validate the model. Main findings: diagnostic instrument was validated and resulted in seven new factors, namely university confidence (UC), privacy expectations (PE), individual awareness (IA), external awareness (EA), privacy awareness (PA), practice confidence (PC) and correctness expectations (CE). Students indicated that they had high expectations of the university on privacy. The new factors showed a high level of awareness of privacy and had low confidence in the university safeguarding their personal information privacy. A SPIPP empirical model was also validated using structural equation modelling (SEM) and it indicated an average overall good fit between the proposed SPIPP conceptual model and the empirically derived SPIPP model Contribution: A diagnostic instrument that measures the perceptions (privacy awareness, expectations and confidence of students) was developed and validated. This study further contributed a model for information privacy perceptions that illustrates the relationship between the three concepts (awareness, expectations and confidence). Other universities can use the model to ascertain the perceptions of students on privacy. This research also contributes to improvement in the personal information protection of students processed by universities. The results will aid university management and information regulators to implement measures to create a culture of privacy and to protect student data in line with regulatory requirements and best practice. / School of Computing / Ph. D. (Information Systems) Confirmatory factor analysis Correctness expectations Diagnostic instrument Exploratory factor analysis External awareness Individual awareness Practice confidence Perceptions Personal information Privacy Privacy education Privacy expectations Instrument Structural equation modelling University confidence 005.807116891 Zimbabwe Data Protection Act
555	Protection of Personal Data, a Power Struggle between the EU and the US: What implications might be facing the transfer of personal data from the EU to the US after the CJEU’s Safe Harbour ruling? Strindberg, Mona January 2016 (has links) Since the US National Security Agency’s former contractor Edward Snowden exposed the Agency’s mass surveillance, the EU has been making a series of attempts toward a more safeguarded and stricter path concerning its data privacy protection. On 8 April 2014, the Court of Justice of the European Union (the CJEU) invalidated the EU Data Retention Directive 2006/24/EC on the basis of incompatibility with the Charter of Fundamental Rights of the European Union (the Charter). After this judgment, the CJEU examined the legality of the Safe Harbour Agreement, which had been the main legal basis for transfers of personal data from the EU to the US under Decision 2000/520/EC. Subsequently, on 6 October 2015, in the case of Schrems v Data Protection Commissioner, the CJEU declared the Safe Harbour Decision invalid. The ground for the Court’s judgment was the fact that the Decision enabled interference, by US public authorities, with the fundamental rights to privacy and personal data protection under Article 7 and 8 of the Charter, when processing the personal data of EU citizens. According to the judgment, this interference has been beyond what is strictly necessary and proportionate to the protection of national security and the persons concerned were not offered any administrative or judicial means of redress enabling the data relating to them to be accessed, rectified or erased. The Court’s analysis of the Safe Harbour was borne out of the EU Commission’s own previous assessments. Consequently, since the transfers of personal data between the EU and the US can no longer be carried out through the Safe Harbour, the EU legislature is left with the task to create a safer option, which will guarantee that the fundamental rights to privacy and protection of personal data of the EU citizens will be respected. However, although the EU is the party dictating the terms for these transatlantic transfers of personal data, the current provisions of the US law are able to provide for derogations from every possible renewed agreement unless they become compatible with the EU data privacy law. Moreover, as much business is at stake and prominent US companies are involved in this battle, the pressure toward the US is not only coming from the EU, but some American companies are also taking the fight for EU citizens’ right to privacy and protection of their personal data. EU EU Law US Privacy Law Safe Harbour Safe Harbor Data Protection Personal Data transfer Facebook Articles 7 8 and 47 of the Charter Article 16(1) of the TFEU Article 8 ECHR EDPS Decision 2000/520/EC Directive 95/46/EC Personal Integrity Right to Privacy Right to Private Life Data Retention Surveillance IT Law Article 29 Working Party EU-rätt EU-stadgan datalagring datalagringsdirektivet personlig integritet dataskydd grundläggande rättigheter proportionalitetsprincipen
556	Strafregtelike beskerming van inligting Nienaber, Catharina Wilhelmina 11 1900 (has links) In hierdie proefskrif is die belangrike rol wat inligting tans en toenemend in die samelewing speel ondersoek, om te beklemtoon hoe noodsaaklik dit tans is om `n misdryf wat die wederregtelike en opsetlike verkryging van inligting strafbaar sal reël, te verorden. Die rol wat industriële spioenasie in die verband speel word uitgelig. As gevolg van die bepaalde onliggaamlike aard van inligting kan inligting nie soos liggaamlike eiendom `n persoon ontneem word nie. Inligting word gewoonlik bloot gekopieer en die oorspronklike houer van die inligting behou die inligting hoewel die dader ook die inligting verkry. Die gemeenregtelike misdaad van diefstal maak dus nie voorsiening vir die diefstal van inligting waar die inligting bloot gekopieer of gedupliseer is nie. Om te bepaal hoe hierdie bepaalde probleem in ander lande se regstelsels aangespreek word en om kennis op te doen oor hoe dit in die Suid-Afrikaanse reg aangespreek behoort te word, is die strafregtelike bepalings en selfs nie-strafregtelike bepalings in lande soos Engeland, Amerika, Kanada en Nederland ondersoek. Ten einde vas te stel welke inligting deur die strafreg beskerm behoort te word, is selfs sekere nie-strafregtelike bepalings van vermelde lande en van die Suid-Afrikaanse reg nagegaan. Insigte is verkry oor welke elemente sodanige inligting aan moet voldoen en `n definisie van beskermwaardige inligting word aanbeveel. Vir hierdie doel is `n nuwe begrip van beskermwaardige inligting geskep. Die redes waarom diefstal van inligting nie in Suid-Afrikaanse en die ander lande se regstelsels nie erken word nie, is bespreek. Die wyse waarop die gemeenregtelike misdaad van diefstal na die diefstal van onliggaamlike geld uitgebrei is, is ondersoek waarna `n aanbeveling gemaak word oor hoe die definisie van diefstal uitgebrei kan word om ook ander onliggaamlike objekte in te sluit. As gevolg van die bepaalde aard van inligting kan die gemeenregtelike definisie van diefstal nie uitgebrei word om inligting as `n objek in te sluit nie en word `n statutêre misdryf van diefstal van inligting voorgestel. / Jurisprudence / LL. D. Inligting Handelsgeheime Onliggaamlike sake Onliggaamlike eiendom Spioenasie Vertroulikheid Diefstal Gemeenregtelike misdaad Kriminalisering Geld Data Beskermwaardige inligting Ekonomiese waarde Kommunikasies Intellektuele eiendom Business intelligence -- South Africa Computer crimes -- South Africa Commercial crimes -- South Africa Information warfare -- South Africa
557	Legal and policy aspects to consider when providing information security in the corporate environment Dagada, Rabelani 11 1900 (has links) E-commerce is growing rapidly due to the massive usage of the Internet to conduct commercial transactions. This growth has presented both customers and merchants with many advantages. However, one of the challenges in E-commerce is information security. In order to mitigate e-crime, the South African government promulgated laws that contain information security legal aspects that should be integrated into the establishment of information security. Although several authors have written about legal and policy aspects regarding information security in the South African context, it has not yet been explained how these aspects are used in the provision of information security in the South African corporate environment. This is the premise upon which the study was undertaken. Forty-five South African organisations participated in this research. Data gathering methods included individual interviews, website analysis, and document analysis. The findings of this study indicate that most organisations in South Africa are not integrating legal aspects into their information security policies. One of the most important outcomes of this study is the proposed Concept Model of Legal Compliance in the Corporate Environment. This Concept Model embodies the contribution of this study and demonstrates how legal requirements can be incorporated into information security endeavours. The fact that the proposed Concept Model is technology-independent and that it can be implemented in a real corporate environment, regardless of the organisation’s governance and management structure, holds great promise for the future of information security in South Africa and abroad. Furthermore, this thesis has generated a topology for linking legislation to the provision of information security which can be used by any academic or practitioner who intends to implement information security measures in line with the provisions of the law. It is on the basis of this premise that practitioners can, to some extent, construe that the integration of legislation into information security policies can be done in other South African organisations that did not participate in this study. Although this study has yielded theoretical, methodological and practical contributions, there is, in reality, more research work to be done in this area. / School of Computing / D. Phil. (Information Systems) 343.9944068 Intellectual property -- South Africa
558	How should the protection of privacy, threatened by new technologies like radio frequency identification (RFID), be seen from a Judeo-Christian perspective? Schmidt, Erwin Walter 11 1900 (has links) Radio Frequency Identification (RFID) is a new technology which allows people to identify objects automatically but there is a suspicion that, if people are tracked, their privacy may be infringed. This raises questions about how far this technology is acceptable and how privacy should be protected. It is also initiated a discussion involving a wide range of technical, philosophical, political, social, cultural, and economical aspects. There is also a need to consider the ethical and theological perspectives. This dissertation takes all its relevant directions from a Judeo-Christian theological perspective. On one side the use of technology is considered, and on the other side the value of privacy, its infringements and protection are investigated. According to Jewish and Christian understanding human dignity has to be respected including the right to privacy. As a consequence of this RFID may only used for applications that do not infringe this right. This conclusion, however, is not limited to RFID; it will be relevant for other, future surveillance technologies as well. / Philosophy & Systematic Theology / M. Th. (Theological ethics) Radio frequency identification Privacy Human rights Right to privacy Technology Information and communication technology Privacy enhancing technology Internet of things Data protection Privacy impact assessment 201.66 Technology -- Religious aspects Technology -- Moral and ethical aspects Human rights Privacy, Right of
559	Rechtliche und praktische Probleme der Integration von Telemedizin in das Gesundheitswesen in Deutschland Dierks, Christian 30 November 1999 (has links) Telemedizin ist der Einsatz von Telekommunikation und Informatik, um medizinische Dienstleistungen zu erbringen oder zu unterstützen, wenn die Teilnehmer räumlich getrennt sind. Die einzelnen telemedizinischen Anwendungen sind im Vordringen begriffen. Telemedizin ist allerdings kein eigenes Fachgebiet, sondern eine Methode, herkömmliche medizinische Maßnahmen zu unterstützen und zu verbessern. Da die Teilnehmer telemedizinischer Anwendungen nicht am selben Ort und zur selben Zeit agieren müssen, ist Telemedizin prädestiniert für die Überwindung der Sektorierung des Gesundheitssystems. Telemedizin kann insbesondere Rationalisierungsreserven mobilisieren und medizinische Dienstleistungen effektiver und effizienter gestalten. Ungeachtet dessen gibt es fünf Problemfelder, die beobachtet und weiter entwickelt werden müssen, um Telemedizin auch für die Zukunft möglich zu machen: Die unterschiedlichen Kommunikationsstandards müssen harmonisiert werden, damit der Datenfluß zwischen den Teilnehmer optimiert werden kann. Krankenkassen und Leistungserbringer müssen gemeinsam eine solide Basis für die Finanzierung derjenigen telemedizinischen Dienstleistungen etablieren, die dem Stand der wissenschaftlichen Erkenntnis entsprechen. Telemedizin mit Auslandsbeteiligung zieht in der Regel haftungsrechtliche Kollisionen nach sich, die von den Teilnehmern durch eine Rechtswahl- und eine Gerichsstandsvereinbarung vermieden werden können. Die sozialrechtlichen Möglichkeiten, insbesondere solche, Praxisnetze zu bilden, müssen noch in Einklang mit den berufsrechtlichen Vorgaben gebracht werden, da diese einer überörtlichen Leistungserbringergemeinschaft und einer entsprechenden Information des Patienten zum Teil noch im Weg stehen.Die durch die Telemedizin neu entstehenden Möglichkeiten der Kommunikation müssen durch zusätzliche Maßnahmen für Datenschutz und Datensicherheit flankiert werden. Insbesondere bei Datenübertragungen ins Ausland sollten sich die Teilnehmer durch eine gesonderte Einwilligung des Patienten in diesen Datenfluß absichern. / Telemedicine is the use of information and telecommunication technologies to provide and support health care when distance separates the participants. The single uses of telemedicine are growing in quality and quantity. Telemedicine, however, is not a medical field of its own, but a tool that can be used in most fields of medicine to enhance and support communication procedures. Since the participants must not act at the same time and at the same venue, telemedicine is bound to overcome the sectoral boundaries in a health system, which is separated in an outpatient and an inpatient world. Telemedicine can help to mobilise the health systems rationalisation potential and make procedures more effective and more efficient. There still are five tasks that have to be observed and to be solved, to make telemedicine possible in the future: Harmonisation of communicational standards must progress to optimise communication between the participants. Health insurance funds and medical persons must cooperate to insure a solid basis of financing for telemedicinal procedures that are state of the art. Participants of cross-border telemedicine must be aware of colliding laws and are well advised to agree upon the law to be applied and the court in charge. The professional law for doctors in Germany must be reconciled with the managed care concepts of practice networks that are legally permissible in terms of social law. Data protection and data security must be ensured under the new conditions of telemedicine. Especially cross-border data flow should be based on the informed consent of the patient involved Telemedizin Harmonisierung Kommunikationsstandards Finanzierung Vergütungssystem Haftungsrecht Rechtswahlvereinbarung Gerichtsstandsvereinbarung Praxisnetze Berufsrecht Gesetzliche Krankenversicherung Datenschutz Datensicherheit Multi-Media-Gesetz Telemedicine Harmonisation Communication standards Financing Reimbursement System Litigational Aspects Choice of Law Choice of Court Practise Networks Professional Law Statutory Health Insurance Data Protection Data Security Multimedia-Law 610 Medizin 33 Medizin ST 350 ddc:610
560	IL POTERE DI CONTROLLO DEL DATORE DI LAVORO TRA ESIGENZE DELL'IMPRESA E TUTELA DELLA DIGNITA' E DELLA RISERVATEZZA DEI LAVORATORI ROSSI, NICOLO' 14 May 2019 (has links) Il potere di controllare l’attività dei lavoratori subordinati è da sempre una manifestazione ineliminabile della posizione giuridica del datore di lavoro. Nella misura in cui risulta necessario alla corretta esecuzione del contratto, l’assoggettamento del lavoratore al controllo datoriale costituisce una componente essenziale del rapporto di cui all’art. 2094 c.c., contribuendo a definire la nozione stessa di subordinazione. Proprio per questa ragione, una precisa ricognizione dei limiti posti dall’ordinamento ai controlli dell’imprenditore assume fondamentale importanza, onde scongiurare il rischio che la relazione che si instaura nei luoghi di lavoro divenga occasione di condizionamenti della libertà del lavoratore, incompatibili con i principi su cui si fonda una società democratica. Prendendo le mosse da tali considerazioni, l’opera analizza il quadro normativo sul potere di controllo del datore di lavoro, concentrandosi soprattutto sulle regole sancite dallo Statuto dei lavoratori e sulla più recente disciplina di protezione dei dati personali. Nei quattro capitoli lungo i quali si articola, la riflessione viene svolta con sguardo rivolto sia ai tradizionali problemi della materia sia alle nuove sfide sollevate dall’innovazione tecnologica. / The power to control the activity of workers has always been an ineradicable manifestation of the employer’s legal position. To the extent that it is necessary for the correct performance of the contract, the subjection of the worker to the employer control is an essential element of the relationship referred to in Article 2094 of the Italian Civil Code and plays a crucial role in the definition of subordination. For this reason, an accurate recognition of the legal limits on the entrepreneur’s controls is important to avoid the risk that the employment relationship becomes an occasion for conditioning workers’ freedom in a way that is incompatible with the principles of a democratic society. Based on these considerations, the study analyzes the regulatory framework on the employer’s power to control workers, focusing mostly on the rules laid down by Legge no. 300/1970 (Statuto dei lavoratori) and on the recent Personal Data Protection Regulation. The reflection, which is organized around four chapters, is carried out with an eye on both traditional problems related to this topic and new challenges raised by technological innovation. IUS/07: DIRITTO DEL LAVORO

Search results