"This is the fundamental truth about data protection: backup is dead. Or rather, backup and recovery, as a standalone topic, no longer has relevance in IT. As a standalone topic, it's been killed off by seemingly exponential growth in storage and data, by the cloud, and by virtualization. So what is data protection?This book takes a holistic, business-based approach to data protection. It explains how data protection is a mix of proactive and reactive planning, technology and activities that allow for data continuity. It shows how truly effective data protection comes from a holistic approach considering the entire data lifecycle and all required SLAs. Data protection is neither RAID nor is it continuous availability, replication, snapshots or backups--it is all of them, combined in a considered and measured approach to suit the criticality of the data and meet all the requirements of the business. The book also discusses how businesses seeking to creatively leverage their IT investments and to drive through cost optimization are increasingly looking at data protection as a mechanism to achieve those goals. In addition to being a type of insurance policy, data protection is becoming an enabler for new processes around data movement and data processing. This book arms readers with information critical for making decisions on how data can be protected against loss in the cloud, on-premises, or in a mix of the two. It explains the changing face of recovery in a highly virtualized data center and techniques for dealing with big data. Moreover, it presents a model for where data recovery processes can be integrated with IT governance and management in order to achieve the right focus on recoverability across the business."--Provided by publisher.

The complexities of implementing the General Data Protection Regulation (GDPR) continue to grow as it progresses through new and ever-changing technologies, business models, codes of conduct, and decisions of the supervisory authorities, and the courts. This eminently practical guide to implementing the GDPR – written in an original, problem-solving style by a highly experienced data protection expert with equal knowledge of both law and technology – provides a step-by-step project management approach to building a GDPR-compliant data protection system, assessing, and documenting the risks and then implementing these changes through processes at the operational level. With detailed attention to case law (Member State, ECJ, and ECHR), especially where affecting high-risk areas that have attracted scrutiny, the guidance proceeds systematically through such topics and issues as the following: required documentation, policies, and procedures; risk assessment tools and analysis frameworks; children’s data; employee and health data; international transfers post-Schrems II; data subject rights including the right of access; data retention and erasure; tracking and surveillance; and effects of technologies such as artificial intelligence, biometrics, and machine learning. With its practical examples derived from the author’s experience in building GDPR-compliant software, as well as its analysis of case law and enforcement priorities, this incomparable guide enables company data protection officers and compliance staff to advise on key issues with full awareness of the legal and reputational risks and how to mitigate them. It is also sure to be of immeasurable value to concerned regulators and policymakers at all government levels. “…it's going to be the go to resource for practitioners.” Tom Gilligan, Data Protection Consultant, September 2021 "I purchased this book recently and I’m very glad I did. It’s the textbook I have been waiting for. As someone relatively new to data protection, I was finding it very difficult to find books on the practical side of data protection. This book is very clearly laid out with practical examples and case law given for each topic, which is immensely helpful. I would recommend it to any data protection practitioners." Jennifer Breslin, LLM CIPP/E, AIPP Member

Give your organization the data protection it deserves without the uncertainty and cost overruns experienced by your predecessors or other companies. System and network administrators have their work cut out for them to protect physical and virtual machines in the data center and the cloud; mobile devices including laptops and tablets; SaaS services like Microsoft 365, Google Workspace, and Salesforce; and persistent data created by Kubernetes and container workloads. To help you navigate the breadth and depth of this challenge, this book presents several solutions so you can determine which is right for your company. You'll learn the unique requirements that each workload presents, then explore various categories of commercial backup hardware, software, and services available to protect these data sources, including the advantages and disadvantages of each approach. Learn the workload types that your organization should be backing up Explore the hardware, software, and services you can use to back up your systems Understand what's wrong with your current data protection system Pair your backed-up workloads to the appropriate backup system Learn the adjustments that will make your backups better, without wasting money

The author evaluates the costs and/or gains and the interference (positive or negative) in the commercial, public administrative and social spheres that data protection laws have the potential to create, with numerous references to legislation and administrative decision making in a wide variety of jurisdictions.

Privacy and data protection in police work and law enforcement cooperation has always been a challenging issue. Current developments in EU internal security policy, such as increased information sharing (which includes the exchange of personal data between European law enforcement agencies and judicial actors in the area of freedom, security and justice (Europol, Eurojust, Frontex and OLAF)) and the access of EU agencies, in particular Europol and Eurojust, to data stored in European information systems such as the SIS (II), VIS, CIS or Eurodac raise interesting questions regarding the balance between the rights of individuals and security interests. This book deals with the complexity of the relations between these actors and offers for the first time a comprehensive overview of the structures for information exchange in the area of freedom, security and justice and their compliance with data protection rules in this field.

GDPR: Personal Data Protection in the European Union Mariusz Krzysztofek Personal data protection has become one of the central issues in any understanding of the current world system. In this connection, the European Union (EU) has created the most sophisticated regime currently in force with the General Data Protection Regulation (GDPR) (EU) 2016/679. Following the GDPR’s recent reform – the most extensive since the first EU laws in this area were adopted and implemented into the legal orders of the Member States – this book offers a comprehensive discussion of all principles of personal data processing, obligations of data controllers, and rights of data subjects, providing a thorough, up-to-date account of the legal and practical aspects of personal data protection in the EU. Coverage includes the recent Court of Justice of the European Union (CJEU) judgment on data transfers and new or updated data protection authorities’ guidelines in the EU Member States. Among the broad spectrum of aspects of the subject covered are the following: – right to privacy judgments of the CJEU and the European Court of Human Rights; – scope of the GDPR and its key definitions, key principles of personal data processing; – legal bases for the processing of personal data; – direct and digital marketing, cookies, and online behavioural advertising; – processing of personal data of employees; – sensitive data and criminal records; – information obligation & privacy notices; – data subjects rights; – data controller, joint controllers, and processors; – data protection by design and by default, data security measures, risk-based approach, records of personal data processing activities, notification of a personal data breach to the supervisory authority and communication to the data subject, data protection impact assessment, codes of conduct and certification; – Data Protection Officer; – transfers of personal data to non-EU/EEA countries; and – privacy in the Internet and surveillance age. Because the global scale and evolution of information technologies have changed the data processing environment and brought new challenges, and because many non-EU jurisdictions have adopted equivalent regimes or largely analogous regulations, the book will be of great usefulness worldwide. Multinational corporations and their customers and contractors will benefit enormously from consulting and using this book, especially in conducting case law, guidelines and best practices formulated by European data protection authorities. For lawyers and academics researching or advising clients on this area, this book provides an indispensable source of practical guidance and information for many years to come.