Discover our publications

  • Publish:16/12/2019
    Due to their sensitive nature, health data must be processed in accordance with certain binding rules. In this sense, their access but also the way they should be hosted are strictly regulated. What is a health data host? What does the legislation provide for? Simply hosting health data does not make it possible to obtain […]Moreover
  • Publish:22/10/2019
    The advent of internet and social networks has given birth to e-reputation, a new digital component of reputation in its traditional sense. With it, has appeared the issue of the “right to be forgotten”, which is composed of the right to erasure (art. 17 of the GDPR) and of the right to be de-referenced (consecrated […]Moreover
  • Publish:15/10/2019
    DPO Consulting Sud Est has launched a compliance program for Basket teams affiliated to the French National Basketball League (LNB). Zoé Durand traveled across France to visit each club in order to build a detailed data processing inventory and establish their maturity level according to the GDPR requirements. On short notice DPO Consulting produced compliance […]Moreover
  • Publish:07/10/2019
    The implementation of a national strategy for artificial intelligence in the health sector requires the collection of data, their organization and the regulation of their access and use. Article L1462-1 of the French Public Health Code, based on Act No. 2019-774 of 24 July 2019 on the organisation and transformation of the health system[1] , thus […]Moreover
  • Publish:06/09/2019
     1. Facebook never ceases to be under the spotlight   This could be promising, but these remarks need to be moderated in a half-tone. Facebook, through its CEO Mark Zuckerberg continues to be in the limelight. With its announcements on new features, the social network wants to further expand its position on the market including the […]Moreover
  • Publish:03/09/2019
    When hearing “web tracking”, it is hard to not think of the image of hunting a prey across a field, the term is impressive or even frightening. While surfing the net, you may have already wondered what footprint remains behind you? Who is behind the web tracking? What does the law state to protect you? […]Moreover
  • Publish:19/07/2019
    One of the most complex questions raised by the General Data Protection Regulation (GDPR) is that of data controller vs. data processor. Despite the data controller[1]and data processor[2]definitions provided in article 4 of GDPR, these two concepts remain difficult to ascertain when dealing with daily operations and the complex relationships between companies. In its Opinion […]Moreover
  • Publish:07/05/2019
    The law of 4 March 2002 relating to patients’ rights and the quality of the health system established as a principle the right for patients to access to all health information relating to them. With the entry into force of the General Data Protection Regulation, patients’ rights have been strengthened.  Who can request access to […]Moreover
  • Publish:30/04/2019
    The European Data Protection Board (EDPB), successor to the G29, published early April its draft guidelines on the use of the legal basis “Contract performance or pre-contractual measures” in the context of online services. For reminder, article 6 of the General Data Protection Regulation (GDR) requires that any processing of personal data must be based […]Moreover
  • Publish:22/03/2019
    Since the implementation of the GDPR on 25 May 2018, the penalties imposed by the CNIL (French supervisory authority) for failure to comply accumulating one after the other, be it for insufficient security, lack of transparency, unsatisfactory information and even lack of valid consent. UBER, BOUYGUES TELECOM or GOOGLE LLC are but a few examples […]Moreover
  • Publish:24/12/2018
    The accountability logic promoted by the new personal data regulation leads professionals of all sizes to be concerned about the security of data processed in the context of their activities. Today, internationally renowned companies such as social networks, postal services, or large hotel companies are subject to security breaches with considerable impacts. In line with […]Moreover
  • Publish:19/10/2018
    On the international scene, the GDPR is a key element led by the EU and serves as a standard of protection welcomed by a significant number of States. But it is not just a European apparatus: the GDPR is intended to sanction non-compliance with the practical obligations it imposes, and this, outside the EU’s borders. […]Moreover
  • Publish:18/09/2018
    One of the recurring situations found within companies is the lack of a data retention period or retention periods that are not clearly established, despite what was already required by the law No. 78-17 of 6 January 1978 on data processing, files and freedoms and Directive 95/46/EC. From now on, practices will have to change […]Moreover
  • Publish:18/04/2018
    Established by the GDPR, the DPO is at the heart of the organizations’ compliance system. Its role, status and missions reflect the importance given to it by the legislator. In this respect, even when its appointment is not mandatory, it remains strongly recommended to appoint one (I) and to outsource it to an expert firm […]Moreover
  • Publish:05/03/2018
    The use of personal data in marketing The GDPR disrupts the habits of marketing departments by imposing new obligations on companies, particularly with regard to consent. There are 5 other legal bases for processing customer or prospect data. However, in marketing, consent will be the rule in most cases. The idea is easy: individuals need […]Moreover
  • Publish:12/02/2018
    A few months before the entry into force of the General Data Protection Regulations (GDPR), many companies have already launched their compliance program. The compliance program, specific to each company, can vary significantly depending on the size of the company, its customer portfolio and its core business. That being said, there are inevitably several actions […]Moreover