1 / 28

DigiEye & Privacy Presentation

DigiEye system is certified privacy compliant, meeting data protection laws and minimum security measures. Learn about its adherence to Workers Statute, Legislative Decree, storage duration regulations, and minimum security measures ensuring privacy and safety.

kathya
Download Presentation

DigiEye & Privacy Presentation

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SYAC▪TB - DigiEye & Privacy DigiEye & Privacy Presentation

  2. May 2014:DigiEye isCertified Privacy Compliant! The certification Body KHC released the conformity certificate of the DigiEye system to the requirements contained in the current Data Protection Law ensuring compliance to the minimum security measures and to the appropriate measures provided for in the T.U.P. and the specific legislation in the field of video surveillance. SYAC▪TB - DigiEye & Privacy

  3. May 2014:DigiEye isCertified Privacy Compliant! The system’s certification activities have been made according to the system’s technical specifications and according to  the Privacy requirements in the field of data processing (European Directive 95/46/CE at European Level and Italian Decree 196/2003 "New Privacy Code " at Italian level) SYAC▪TB - DigiEye & Privacy

  4. DigiEye and WorkersStatute The whole DigiEye line is compliant to the Workers Statute Law 300 dated May 20th 1970 • Art. 4 prohibits the use of video surveillance for the purpose of monitoring the workers’ activities but, where such installations are necessary for security reasons, they may be installed only prior agreement • In phase of agreement some prescriptions are required • With regard to the recording system, the prescription is that recordings can be accessed only with double password (the second is generally assigned to the union representative) SYAC▪TB - DigiEye & Privacy

  5. Didyouknowthat The agreement is necessary also in case of videosurveillance in areas occasionally frequented by employees The prescription is to be considered valid not only for video recording systems but also for centralization solutions The infringements (charged to the employer) are punished by criminal law SYAC▪TB - DigiEye & Privacy

  6. Therefore The entire DigiEye line (video recording systems and centralization solutions) satisfies the required prescription Verify that products and solutions you use are in line with the prescriptions contained in the Workers Statute SYAC▪TB - DigiEye & Privacy

  7. DigiEye and Legislative Decree 30/06/2003, N. 196 The entire DigiEye line is compliant to the Legislative Decree dated June 30th 2003, N. 196 • Code concerning personal data processing with respect to “Regulation concerning video surveillance” … • And to the computer authentication system specified in Annex B “Technical Regulations regarding minimum security measures” SYAC▪TB - DigiEye & Privacy

  8. DigiEye and Storage duration Duration of the eventual storage: “Storage shall be limited to a few hours or, at most, 24 hours after the detection, with the exception of special needs for further conservation related to holidays or closing of offices or stores” storage 24 hours SYAC▪TB - DigiEye & Privacy

  9. Didyouknowthat • Unless exceptions, the storage of sequences shall not exceed 24 hours after the detection • The backup is considered in the same manner as storage and is therefore subject to the same restrictions • Storage extension related to holidays or office closure is allowed • A violation is performed extending the recorded sequences storage time in a fixed and not dynamic way to cover holidays or closing days of offices or stores during week ends • Infringements(charged to the data controller) undergo economic sanctions SYAC▪TB - DigiEye & Privacy

  10. Therefore The entire DigiEye line satisfies the prescriptions related to the storage duration and manages the extension related to holidays or office closure in a dynamic way Verify that products and solutions you use are in line with the storage duration regulations SYAC▪TB - DigiEye & Privacy

  11. DigiEye and Minimum Security Measures Technical Regulations regarding minimum security measures Annex B: Computer authentication system (consisting of the password and its periodic change) Password authentication SYAC▪TB - DigiEye & Privacy

  12. Didyouknowthat The video recording system connected to the network, and therefore, remotely accessible, as required by the technical regulations regarding minimum security measures, should reduce the possibility that the password gets reproduced, granting a higher level of privacy and safety to users. SYAC▪TB - DigiEye & Privacy

  13. Didyouknowthat • For this purpose were established precise rules for the creation and subsequent modifications of the Users and their related passwords, in particular: • The User must change the password periodically • The Password shall not contain explicit references to the username • the Password shall be longer than 8 characters and shall not contain only letters • The User must change the password on the first login • The User must be deleted after a determined period of time of inactivity SYAC▪TB - DigiEye & Privacy

  14. Didyouknowthat The prescription is to be considered valid not only in terms of video recording system, but also in terms of centralization solutions Infringements (charged to the data controller) undergo economic sanctions SYAC▪TB - DigiEye & Privacy

  15. Therefore The entire DigiEye line satisfies the prescriptions related to Computer Authentication System, also in case of centralized management through remote Authentication Server Verify that the solutions you use are in line with the Technical regulations regarding minimum security measures in relation to the computer authentication system SYAC▪TB - DigiEye & Privacy

  16. EuropeanRegulationisapproaching The European Union has recently launched and introduced two important measures concerning personal data protection. October 2013 – European Regulation Draft – approved on March 12th 2014, presumably entering to force in October 2014 (2 years’ adaption on existing installations)

  17. EuropeanRegulationisapproaching • The new Regulation on personal data protection (that will substitute the directive n. 95/46/CE and also the Privacy Consolidated, Legislative Decree 196/03) will be adopted in the next few months and then will enter into force in all EU States. • This will force companies to adopt a real organizational model for data protection with the introduction of the principle of accountability and transparency. SYAC▪TB - DigiEye & Privacy

  18. Italy is the ReferenceModel! Italy was taken as Reference Model Regulations already existing in Italy were taken as reference The existing prescriptions remain valid with a few changes SYAC▪TB - DigiEye & Privacy

  19. Whatchanges? Tougherpenalties In case of controls, the penalties for most serious violations will be up to 5% of the company’s annual turnover with a maximum fixed in 100 million Euro (amongst the two, applies the most severe sanction);in case of multiple infringements, sanctions for each violation will sum up. TougherPenalties SYAC▪TB - DigiEye & Privacy

  20. WhatChanges? System Administrators Recording and storage of the logs to the systems and security systems containing sensitive data for a reasonable period of time, not shorter than 6 months The prescription is to be considered valid not only for video recording systems but also for centralization solutions. System Administrators SYAC▪TB - DigiEye & Privacy

  21. Therefore The entire DigiEye line (video recording systems and centralization solutions) provides an event log detailed per single operation and single event and, at centralization level , per connection mode Verify that the solutions you use are of help to the System Administrators and allow them to meet these requirements without the need for additional tools. SYAC▪TB - DigiEye & Privacy

  22. Whatchanges? The figure of the Data ProtectionOfficer Companies and public entities will have to introduce the figure of the Data Protection Officer who will be entrusted with the policy regarding data protection. Professional profile, responsible for data protection, enrolled in the register and with insurance coverage. Data ProtectionOfficer SYAC▪TB - DigiEye & Privacy

  23. Whatchanges? The figure of the Data ProtectionOfficer • The new figure will always be required in public entities • In private sector the discriminant will be the risk level arising from the kind and/or the quantity of data processed • It’ll be mandatory, for example, for all the private companies dealing with data from more than 5.000 people over 12 consecutive months • This will therefore also include medium sized private companies SYAC▪TB - DigiEye & Privacy

  24. Whatchanges? The figure of the Data ProtectionOfficer • The main target is to achieve the Privacy Compliance and, being him the responsible, the Data Protection Officer will make so that the company adopts all the Privacy prescriptions, preparing the P.I.A. Privacy Impact Assessment and certifying the Organizational and Privacy Security Model of the company. • With regard to the security field and, in particular, video surveillance, he will demand the suppliers an appropriate certificate of Privacy compliance. SYAC▪TB - DigiEye & Privacy

  25. Didyouknowthat TECHBOARD is the first Italian company to obtain the certification of compliance to the Privacy regulation for SYAC▪TB products, its Security Division SYAC▪TB TECHBOARD SYAC▪TB - DigiEye & Privacy

  26. Therefore The entire DigiEye line (systems and centralization solutions) is provided with Privacy compliance certificate issued by an independent organization Request the Privacy compliance certificate for the products and solutions you use SYAC▪TB - DigiEye & Privacy

  27. SYAC▪TB - DigiEye & Privacy

  28. Thankyouforyourattention SYAC▪TBTECHBOARD Security DivisionArea Science Park Padriciano, 9934149 Trieste Tel.  059 289899sales.syac@techboard.it www.syac-tb.com TECHBOARDVia Della Scienza, 5041100 ModenaTel.  059 289811techboard@techboard.it www.techboard.it

More Related