Continues the work of simplification carried out by the Guarantor in connection with certain obligations imposed by the Privacy Code : after rules relating to disclosure and consent has been made today that pubbblico (long awaited) concerning the minimum safety measures .
The full text of the measure - which refers only to certain types of treatment - is available here .
The purposes of simplification are certainly acceptable, but the bill ultimately reduce excessively the necessary precautions with regard to minimum security measures, to realize just read the Article. 2.4 (Other security measures) to the extent it provides that
Periodic updates of computer programs designed to prevent the vulnerability of electronic means (eg, virus), also with reference to programs in art. 615 - d of the Penal Code, and to correct defects shall be made at least annually. If your computer is not connected to electronic communications networks accessible to the public (DSL lines, Internet access through your corporate network, email), the update must be at least two years.
No need to be a techie to understand that the update of a virus on an annual basis no sense (not to mention the updates every two years).
Possible that there is no middle ground between too complex compliance and other almost non-existent? Not likely to lose further credibility to a poorly implemented legislation such as that relating to privacy?
among other things provvdimento is very ambiguous, because one thing is to update on the program, another is to update the db of 'signatures' of the virus ....
-
hd
@ Herr doktor
In addition to unambiguously say confused as ever when it lays down rules for the "computer networks connected to publicly available electronic communication" refers only to the corporate network or adsl?