Learning analytics dashboards, like the class mark books that long preceded them, show tutors a lot of information about their students. That could be pretty intrusive, so should universities and colleges be asking students to consent before tutors look at their data? I don’t think so, both because the students most likely to benefit are […]
Delighted to report that our first Data Protection Impact Assessment, for the Janet Security Operations Centre, is now published at http://repository.jisc.ac.uk/6847/1/Jisc_security_operations_centre_-_data_protection_impact_assessment.pdf Thanks to the SOC and GDPR teams who made this happen!
Article 35 of the General Data Protection Regulation introduces a requirement to conduct a formal Data Protection Impact Assessment (DPIA) for any processing that may involve a high risk to individuals. The Article 29 Working Party’s DPIA guidance contains a helpful list of nine factors that may give rise to a high risk. Any activity […]
The Article 29 Working Party has recently highlighted the importance of detecting and mitigating information security breaches. One of the key tools in doing this is logfiles: the European Court of Justice in Breyer v Germany recognised the role of web server logs, the Article 29 Working Party guidelines mention logs and network flow data. […]