Italy’s DPA Fines Data Processor For Information Security Failures

Fox Rothschild LLP
Contact

Fox Rothschild LLP

Caveat Data Processor.

Italian Data Protection Authority, Garante, has issued a 50,000 EUR fine against a data processor platform for its failures to implement several information security measures.

Service providers should ensure that the data entrusted to them by their data controller customers is adequately protected. Some specific measures addressed by Garante:

  • conducting periodic vulnerability assessments
  • ensuring timely implementation of patches
  • requiring strong passwords
  • adopting secure network protocols and digital certificates to secure data in transit
  • adopting secure method for password storage
  • mandatory logging of actions in the database
  • secure storage of the logs
  • avoiding shared accounts (especially for admin’s)
  • adopting effective anonymization techniques

Details from Garante.

[View source.]

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations. Attorney Advertising.

© Fox Rothschild LLP

Written by:

Fox Rothschild LLP
Contact
more
less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

  • Increased visibility
  • Actionable analytics
  • Ongoing guidance

Fox Rothschild LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide