France – Privacy Design® / [protecting people by good design, solid security, efficient processes and trusted services] Fri, 01 Nov 2019 09:34:49 +0000 en-US hourly 1 https://wordpress.org/?v=6.9.4 /wp-content/uploads/2018/02/cropped-favicon-32x32.jpg France – Privacy Design® / 32 32 CNIL/France: Pior authorization for healthdata, pharmacovigilance and CNIL standards /2019/11/01/cnil-france-pior-authorization-for-healthdata-pharmacovigilance-and-cnil-standards/ Fri, 01 Nov 2019 09:34:49 +0000 /?p=1080 Continue reading "CNIL/France: Pior authorization for healthdata, pharmacovigilance and CNIL standards"

]]> Article by TwoBirds ” The CNIL published on 18 July 2019 a new standard concerning the processing of personal data for the purpose of vigilance in the health sector. ”
https://www.twobirds.com/en/news/articles/2019/global/new-cnil-standard-for-all-companies-doing-product-vigilance-activities

Quote: ” The standard is of great importance since according to the French Data Protection Act such processing activities are submitted to the CNIL’s prior authorization. The scope of the French prior authorization requirement is extraterritorial, and any organization worldwide doing product vigilance on individuals residing in France must obtain an authorization in order to be allowed to carry on their activities. But if their activities comply with the CNIL’s new standard, then they can now file a declaration of compliance with the CNIL, instead of filing a full request for authorization. “

Link to inofficial translation by TwoBirds at https://www.twobirds.com/~/media/pdfs/france/new-french-cnil-standard.pdf?la=en&hash=8AE9FA58104BDE6D234289328ACB6BBCE25DCBD2

TwoBird article on overall background at https://www.twobirds.com/en/news/articles/2019/france/processing-health-data-in-france-what-to-look-out-for-after-gdpr – incl. need for prior authorization and CNIL reference methods

]]> CNIL – Subject Access Request eMail generator /2018/02/25/cnil-subject-access-request-email-generator/ Sun, 25 Feb 2018 20:27:29 +0000 /?p=460 https://www.cnil.fr/fr/modeles/courrier

]]> CNIL – Data Protection Audit Procedure /2018/02/25/cnil-data-protection-audit-procedure/ Sun, 25 Feb 2018 20:15:13 +0000 /?p=453 Decision No. 2011-316 dated 6 October 2011 adopting a standard for delivering privacy seals in audit procedures covering the protection of persons with regard to the processing of personal data

(which could be read as a good way to deliver a privacy audit – or to expect one being done on you following this procedure)

https://www.cnil.fr/sites/default/files/atoms/files/referentiel_audit_en.pdf

]]> [Bird&Bird] Hosting health data: the French requirements /2018/02/25/birdbird-hosting-health-data-the-french-requirements/ Sun, 25 Feb 2018 18:29:48 +0000 /?p=431 Hosting health data: the French requirements
Going through the accreditation procedure

https://www.twobirds.com/~/media/pdfs/brochures/privacy-and-data-protection/hosting-health-data—the-french-requirements.pdf

]]>