De zorgsector verwerkt zeer gevoelige persoonsgegevens, waaronder gezondheidsgegevens. Bij onvoorzichtige omgang, kan dit een grote impact hebben op de rechten en vrijheden van natuurlijke personen. eHealth moet daarom voldoen aan het vereiste van data protection by design. Wanneer hieraan niet is voldaan, is het zaak om handhavend op te treden ter voorkoming van datalekken. Sinds de Algemene Verordening Gegevensbescherming (AVG) van toepassing is, bereikten meerdere datalekken het voorpaginanieuws waarbij eHealth niet voldeed aan voornoemde verplichting. In dit artikel onderzoeken de auteurs in hoeverre de in de AVG opgenomen handhavingsmogelijkheden met bijbehorende rechtsmiddelen de bescherming van persoonsgegevens waarborgen bij de inzet van eHealth.
DOCUMENT
The Technical Manual for the digital evaluation tool QualiTePE supports users of the QualiTePE tool in creating, conducting and analysing evaluations to record the quality of teaching in physical education. The information on the General Data Protection Regulation (GDPR) instructs users on how to anonymise the data collection of evaluations and which legal bases apply with regard to the collection of personal data. The technical manual for the digital evaluation tool QualiTePE and the information on the General Data Protection Regulation (GDPR) are available in English, German, French, Italian, Spanish, Dutch, Swedish, Slovenian, Czech and Greek.
DOCUMENT
Following the rationale of the current EU legal framework protecting personal data, children are entitled to the same privacy and data protection rights as adults. However, the child, because of his physical and mental immaturity, needs special safeguards and care, including appropriate legal protection. In the online environment, children are less likely to make any checks or judgments before entering personal information. Therefore, this paper presents an analysis of the extent to which EU regulation can ensure children’s online privacy and data protection.
DOCUMENT
DOCUMENT
DOCUMENT
Design and development practitioners such as those in game development often have difficulty comprehending and adhering to the European General Data Protection Regulation (GDPR), especially when designing in a private sensitive way. Inadequate understanding of how to apply the GDPR in the game development process can lead to one of two consequences: 1. inadvertently violating the GDPR with sizeable fines as potential penalties; or 2. avoiding the use of user data entirely. In this paper, we present our work on designing and evaluating the “GDPR Pitstop tool”, a gamified questionnaire developed to empower game developers and designers to increase legal awareness of GDPR laws in a relatable and accessible manner. The GDPR Pitstop tool was developed with a user-centered approach and in close contact with stakeholders, including practitioners from game development, legal experts and communication and design experts. Three design choices worked for this target group: 1. Careful crafting of the language of the questions; 2. a flexible structure; and 3. a playful design. By combining these three elements into the GDPR Pitstop tool, GDPR awareness within the gaming industry can be improved upon and game developers and designers can be empowered to use user data in a GDPR compliant manner. Additionally, this approach can be scaled to confront other tricky issues faced by design professionals such as privacy by design.
LINK
In this project we take a look at the laws and regulations surrounding data collection using sensors in assistive technology and the literature on concerns of people about this technology. We also look into the Smart Teddy device and how it operates. An analysis required by the General Data Protection Regulation (GDPR) [5] will reveal the risks in terms of privacy and security in this project and how to mitigate them. https://nl.linkedin.com/in/haniers
MULTIFILE
Vanuit Fontys Hogescholen wordt veel onderzoek gedaan, met name door onderzoekers van de verschillende lectoraten. Vanzelfsprekend worden er binnen deze onderzoeken veel data verzameld en verwerkt. Fontys onderschrijft het belang van zorgvuldige omgang met onderzoeksdata en vraagt daarom van onderzoekers dat zij hun Research Data Management (RDM) op orde hebben. Denk hierbij aan veilige opslag en duurzame toegankelijkheid van data. Maar ook (open access) publiceren en archiveren van onderzoeksdata maken onderdeel uit van RDM. Hoe je hier als onderzoeker invulling aan geeft kan soms best een zoektocht zijn, mede doordat nog niet iedereen even bekend is met het onderwerp RDM. Met dit boek hopen we onderzoekers binnen Fontys de belangrijkste informatie te bieden die nodig is om goed invulling te geven aan Research Data Management en daarbij ook te wijzen op de ondersteuning die op dit gebied voorhanden is.
DOCUMENT
Copyright enforcement by private third parties – does it work uniformly across the EU? Since the inception of Napster, home copying of digital files has taken a flight. The first providers of software or infrastructure for the illegal exchange of files were held contributory or vicariously liable for copyright infringement. In response, they quickly diluted the chain of liability to such an extent that neither the software producers, nor the service providers could be held liable. Moving further down the communication chain, the rights holders are now requiring Internet Service Providers (ISPs) that provide access to end customers to help them with the enforcement of their rights. This article discusses case-law regarding the enforcement of copyright by Internet Access Providers throughout Europe. At first glance, copyright enforcement has been harmonised by means of a number of directives, and article 8(3) of the Copyright Directive (2001/29/EC) regulates that EU Member States must ensure the position of rights holders with regard to injunctions against ISPs. Problem solved? Case law from Denmark, Ireland, Belgium, Norway, England, The Netherlands, Austria and the Court of Justice of the EU was studied. In addition, the legal practice in Germany was examined. The period of time covered by case law is from 2003 to 2013, the case law gives insight into the differences that still exist after the implementation of the directive.
DOCUMENT
