JULY SOFT .NET BLOG

About GEYSIR ENTERPRISE SEARCH, .NET, TECHNOLOGY and MORE

PatriotFest Edition 2018 – 1st place at “Optimizing Human Performance”: Geysir Enterprise Search by JulySoft.Net awarded by Mr. Andrei Oprina, Head of ITA of SRI

18 December 2018 Julysoft Geysir Enterprise Search, July Soft, PatriotFest 2018, Europalibera.org, Innovation, MAPN.ro, Mr. Andrei Oprina, newstrategycenter.ro, Optimizing Human Performance, SRI Serviciul Roman De Informatii(Romanian Intelligence Service), www.mai.gov.ro, www.spp.ro, www.stsnet.ro/ (0)

It was just the end of the PatriotFest Edition 2018, a national contest organized by MApN, MAI, SRI, STS, SPP in partnership with the New Strategy Center. A fascinating event, where innovating Romanians from everywhere had the opportunity to present their projects in several fields.

congratulations to all PatriotFest organizers for the real source of inspiration offered to all Romanians as well for the chance given to the participants!

 

Popa Dumitru-Stelian attended the section “Optimizing Human Performancewith the productJuly Soft Geysir Enterprise Search”.

Participation started with interesting discussions at the PatriotFest forum and then followed a detailed demo of the product “Geysir Enterprise Search”, exemplifying the functionalities and benefits of this search engine within any institution that would implement it.

 

Popa Dumitru-Stelian has achieved the maximum success and recognition of PatriotFest, receiving 1st place in the category “Optimizing Human PerformanceforGeysir Enterprise Search” - you can view the award at the PatriotFest gala here (at 47').

 

 

It gives us a great honor and we Thanks a lot to Mr. Andrei Oprina, Head of the Institute for Advanced Technologies (ITA) of SRI(Romanian Inteligence Service) for the beautiful handing over of the 1st prize for Geysir Enterprise Search - Popa Stelian in the section "Optimizing Human Performance".
You can view the video with awarding the prize here.

We thank Simona who was present to raise the prize in place of Stelian.

 

 

Thanks to PatriotFest for the chance to participate in this national event as well as for the trust and Geysir's first prize in Optimizing Human Performance!

Well done Stelian! July Soft thanks you for your entire contribution to creating and promoting “Geysir Enterprise Search”!

 

 

Other information about PatriotFest Edition 2018 you can find at:

Make every effort and your passion and dreams can come true!

Happy Birthday, Romania! Thanks PatriotFest! Well done Stelian!

 

Iulia from JulySoft.Net

PatriotFest Editia 2018 – Locul 1 la “Optimizarea Peformantei Umane”: Geysir Enterprise Search by JulySoft.Net inmanat de D-ul Andrei Oprina, Directorul ITA din cadrul SRI

18 December 2018 Julysoft Blog, Geysir Enterprise Search, July Soft, PatriotFest 2018, Europalibera.org, Innovation, MAPN.ro, Mr. Andrei Oprina, newstrategycenter.ro, Optimizing Human Performance, SRI Serviciul Roman De Informatii(Romanian Intelligence Service), www.mai.gov.ro, www.spp.ro, www.stsnet.ro/ (0)

Tocmai s-a incheiat PatriotFest Editia 2018, concurs national organizat de MApN, MAI, SRI, STS, SPP in parteneriat cu asociatia New Strategy Center. Un eveniment fascinant, in cadrul caruia romanii inovatori de pretutindeni au avut ocazia sa-si prezinte proiectele funtionale in mai multe domenii.

Felicitari tuturor organizatorilor PatriotFest pentru reala sursa de inspiratie oferita noua tuturor romanilor precum si sansa oferita participantilor!

 

Popa Dumitru-Stelian a participat la sectiunea “Optimizarea performantei umane” cu produsul “July Soft Geysir Enterprise Search”.

Participarea a inceput cu discutii interesante in cadrul forumului PatriotFest si apoi a urmat o demostratie detaliata a produsului “Geysir Enterprise Search”, exemplificand functionalitatile si beneficiile aduse de acest motor de cautare in cadrul oricarei institutii care l-ar implementa.

 

Popa Dumitru-Stelian a obtinut succesul maxim si recunoasterea PatriotFest, primind locul 1 la categoria “Optimizarea performantei umane” pentru produsul “Geysir Enterprise Search” - puteti vizualiza acordarea premiului la gala PatriotFest aici (minutul 47).

 

Ne face o deosebita onoare si ii multumim mult D-nului Andrei Oprina, Directorul Institutului pentru Tehnologii Avansate (ITA) din cadrul SRI(Serviciul Roman de Informatii) pentru frumoasa inmanare a premiului 1 pentru "Geysir Enterprise Search" - Popa Stelian la sectiunea "Optimizarea performantei umane".

Puteti vizualiza inmanarea premiului aici.

Multumim Simonei care a fost prezenta sa ridice premiul in locul lui Stelian.

 

 

Multumim PatriotFest pentru sansa oferita de a participa la acest eveniment national, precum si pentru increderea oferita si premierea lui Geysir cu locul 1 in optimizarea performantei umane!

Felicitari Stelian! July Soft iti multumeste pentru intreaga contributie la crearea si promovarea lui “Geysir Enterprise Search”!

 

 

Alte informatii despre PatriotFest Editia 2018 gasiti la:

 

Depuneti toate eforturile si pasiunea pe care o aveti si visele pot deveni realitate!

La multi ani, Romania! Multumim PatriotFest! Felicitari Stelian!

 

Iulia de la JulySoft.Net

Regulamentul general privind protectia datelor (DGPR) - Ce trebuie sa stiti

27 November 2017 Julysoft DGPR, Geysir, July Soft (0)


 

 

 

 

 

 

 

 

 

Regulamentul general privind protectia datelor (GDPR)

- Ce trebuie sa stiti - Oportunitati si riscuri pentru compania dvs.

 

Cui se adreseaza?

Daca detineti sau lucrati pentru(departament IT/Juridic) o intreprindere mica sau pentru o multinationala(grup de companii) care proceseaza sau stocheaza datele personale ale cetatenilor din UE, indiferent daca compania dvs. sau procesarea datelor personale are sau nu loc in UE, sau daca pur si simplu va intereseaza sa cunoasteti, ca persoana, drepturile dvs. de confidentialitate a datelor dvs. personale – va invitam sa cititi mai departe!

 

Problema

Protectia datelor personale este un nou regulament legal pe care compania dvs. trebuie sa-l respect. In caz contrar, exista riscuri de amenzi de pana la 20 milioane EUR.

 

Solutia

Sa cunoasteti obligatiile dvs. GDPR si sa investiti in instrumente de securitate, administrare si gestionarea datelor care va ajuta sa domonstrati ca sunteti conform cu respectarea normelor GDPR. July Soft ofera astfel de instrumente precum: Geysir Enterprise Search, Hekla DMS and/or Laki Extranet.

 

 

Context

Sa aveti in vedere ca ca sunt o persoana tehnica IT cu o vasta experienta in domeniul “big-data”, in procesarea automata a datelor, guvernanta si gestiunea datelor, fara a avea o formare juridica. Aceasta lucrare este “asa cum este” (fara garantii sau garantii exprese sau implicite si nu ne asumam nici o raspundere pentru nici o pierdere sau dauna directa sau indirecta pentru tine/afacerea ta care implica prezentul document).

Acest document este un ghid general – un sumar – al GDPR, care va poate ajuta, si va incurajam sa indepliniti aceste noi cerinte prin obtinerea de asistenta juridica profesionala.

 

Definitii

PD - Date Personale – orice informatie referitoare la o persoana (indentificata sau indentificabila)

REG - Regulamentul 2016/679 privind Protectia Datelor Personale

Operator - persoana fizica sau juridica care decide scopurile si mijloacele de procesare PD

Persoana Imputernicita de Operator - procesatorul PD in numele Operator-ului (Ex: Cloud Provider)

 

In timp ce Protectia Datelor cu Caracter Personal de catre autoritati este reglementata de Directiva 2016/680, Protectia Datelor cu Caracter Personal in general si libera circulatie a datelor cu caracter personal in UE este reglementata de Regulamentul 2016/679.

 

Diferenta intre directiva si regulament, este urmatoarea: in timp ce directiva va fi “clonata” de catre fiecare stat membru EU cu mai multa sau mai putina acuratete, regulamentul se aplica in mod exact si automat asa cum este pentru toate statele membre EU.

 

Scopul regulamentului 2016/679

  1. Scopul materialului: “Prezentul regulament se aplica prelucrarii datelor cu caracter personal, efectuata total sau partial prin mijloace automatizate, precum si prelucrarii prin alte mijloace decat cele automatizate a datelor cu caracter personal care fac parte dintr-un sistem de evidenta a datelor sau care sunt destinate sa faca parte dintr-un sistem de evidenta a datelor.” - Art. 2, p. 1

  2. Scopul teritorial: ”Prezentul regulament se aplica prelucrarii datelor cu caracter personal in cadrul activitatilor unui sediu al unui operator sau al unei persoane imputernicite de operator pe teritoriul Uniunii, indiferent daca prelucrarea are loc sau nu pe teritoriul Uniunii.” - Art. 3, p. 1

Ca regula generala, REG include in scopul sau orice procesare PD ale cetatenilor UE indiferent de locul de procesare sau de locul Operator-ului/Persoanei Imputernicite de Operator pe teritoriul UE.

Oportunitati de business

  1. Libera circulatie a datelor cu caracter personal in interiorul Uniunii nu poate fi restrictionată sau interzisa din motive legate de protectia persoanelor fizice în ceea ce priveste prelucrarea datelor cu caracter personal.” -Capitolul 1, Art. 1, p. 3 REG

Astfel, grupul dvs. de companii poate incepand cu 25 Mai 2018, cand REG se va aplica, sa mute fara restrictii PD intre entitatile sale din UE – avand in vedere ca va respecta toate cerintele REG.

  1. Mai simplu, costuri mai mici si mai convenabile – Evident, si inainte de REG, daca compania dvs./grupul opera in 5 state membre, atunci trebuia sa angajeze 5 firme de avocatura pentru a se asigura ca respecta toate reglementarile nationale specifice; acum, o data cu REG se va respecta o singura lege.

  2. Multi ar putea vedea acest nou regulament ca pe o cheltuiala, dar de fapt, este o noua oportunitate. Respectand REG inseamna ca veti investi in instrumente de securitate, de guvernanta si audit al datelor, deoarece dupa cum veti vedea, daca nu faceti asta va plasati compania intr-un zona de risc si de nerespectare a regulilor REG si acest lucru va poate aduce amenzi de pana la 20 milioane de EUR sau de pana la 4% din cifra de afaceri anuala globala!

Drepturile pe care Operatorul trebuie sa le asigure persoanei vizate:

- “Informare si acces la datele personale”: Cand cere persoana vizata, in maxim 1 luna, operatorul trebuie sa trimita acesteia, in mod gratuit, in format scris/electronic toate PD ale acesteia pe care le detine, alaturi de celelalte date precum: date de contact ale Ofiterului de Protectie a Datelor(angajat sau contractor al Operatorului pentru REG – care exista in anumite conditii -, scopul procesarii, lista tertelor parti carora li s-a transmis PD si de ce, etc.. Nerespectarea acestor solicitari poate permite persoanei vizate sa completeze o plangere la UE Protectia Datelor Personale si, de asemenea, poate solicita despagubiri materiale in termenii REG. (Art. 12, Art. 13).

-”Dreptul de a fi uitat” - “Persoana vizata are dreptul de a obtine din partea operatorului stergerea datelor cu caracter personal care o privesc, fără intarzieri nejustificate, iar operatorul are obligatia de a sterge datele cu caracter personal fara intarzieri nejustificate ...” - Art. 17, p.1

-”Dreptul la restrictionarea prelucrarii” - Persoana vizata poate cere Operatorului sa nu-i mai proceseze PD - Art. 18

-”Obligatia de notificare privind rectificarea sau stergerea datelor cu caracter personal sau restrictionarea prelucrarii” - Art. 19 – Operatorul trebuie sa notifice persoana vizata dupa orice stergere/actualizare a PD realizata sub termenii REG - Art. 16, 17, 18

-”Dreptul la transferabilitatea datelor” - “Persoana vizata are dreptul de a primi datele cu caracter personal care o privesc si pe care le-a furnizat operatorului intr-un format structurat, utilizati in mod curent si care poate fi citit automat si are dreptul de a transmite aceste date altui operator, fara obstacole din partea operatorului caruia i-au fost furnizate datele cu caracter personal ...” - Art. 20, p.1

Obligatii generale ale Operatorului si ale Persoanei Imputernicita de Operator

Tinand seama de natura, domeniul de aplicare, contextul si scopurile prelucrarii, precum si de riscurile cu grade diferite de probabilitate si gravitate pentru drepturile si libertatile persoanelor fizice, operatorul pune în aplicare masuri tehnice si organizatorice adecvate pentru a garanta si a fi în măsură sa demonstreze ca prelucrarea se efectueaza in conformitate cu prezentul regulament. Respectivele masuri se revizuiesc si se actualizeaza daca este necesar.” - Art. 24, p.1

Declaratia generala de mai sus implica faptul ca Operatorul trebuie sa asigure securitatea si protectia PD, si anume sa previna disponibilitatea acesteia unui numar nelimitat de persoane – PD trebuie pastratat din punct de vedere tehnic in mod privat. De asemeni, orice Operator care colecteaza PD trebuie sa aiba un motiv rezonabil sa proceseze PD, motiv pe care il poate justifica si orice procesare realizata de catre Operator/Persoanei Imputernicita de Operator trebuie sa fie trasabila.

Alte obligatii sunt:

- Notificarea unei incalcari a datelor cu caracter personal catre autoritatea de supraveghere – Art. 33

- Communication of a personal data breach to the data subject – Art. 34

- Comunicarea unei incalcari a datelor cu caracter personal catre persoana vizata – Art 35, Art. 36

- Ofiter de Protectie a Datelor – Art. 37, Art. 38, Art. 39

- Codurile de conduita – Art. 40, Art. 41, Art. 42

Referinte: http://ec.europa.eu/justice/data-protection/

http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679&from=EN

Stelian de la www.JulySoft.Net – Bucuresti, 27 Noiembrie 2017

General Data Protection Regulation (DGPR) – What You Should Know

27 November 2017 Julysoft Blog, Geysir Enterprise Search, DGPR, Geysir, July Soft (0)

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

General Data Protection Regulation (GDPR)

- What You Should Know - Opportunities & Risks For Your Company

 

Who is this for?

 

If you own or work for (IT or legal dep.) a small business or a multinational group of companies that process or stores personal data of persons from EU, regardless your company or processing of personal data takes place or not in EU, or simply you are interested in your data privacy rights as person – please read on!

 

Issue

Personal Data Protection is a legal regulation your company must comply with. Failing to do so may put your company at risks of fines up to 20M EUR.

 

Solution

Know your DGPR obligations and invest in data security, data-governance and management tools that help you prove and enforce your company's compliance with GDPR. July Soft offers such tools as:

Geysir Enterprise Search, Hekla DMS, Hekla CRM or Laki Extranet tools.

 

Disclaimer

Note that I'm a Technical IT person with extensive experience in big-data, automated data processing, data governance and management, but without any formal legal background.

This paper is "as is" (with no warranties or guaratees, express or implied and we don't assume any resposibility of any loss or damage – directly or indirectly to you/your business involving present).

This is a general guide – summary – of GDPR – that may help you – and we strongly encourage you to do so – while getting professional legal assistance.

 

Definitions:

PD - Personal Data – any information regarding a person (identified or identifiable)

REG - Regulation 2016/679 on Personal Data Protection

Controller - person or legal entity that decides purposes and means of PD processing

Processor - PD processor on Controller's behalf (Ex: Cloud Provider)

 

While Personal Data Protection by authorities is regulated by Directive 2016/680, Personal Data Protection in general and free movement of personal data within EU is regulated by Regulation 2016/679.

The difference between Directive and Regulation is that while Directive will be "cloned" in every member state with more or less accuracy while Regulation applies exactely as is to all member states automatically!

 

Scope of REG:

a) Material scope: "This Regulation applies to the processing of personal data wholly or partly by automated means and to the processing other than by automated means of personal data which form part of a filing system or are intended to form part of a filing system." - Art. 2, p.1

 

b) Territorial scope: "This Regulation applies to the processing of personal data in the context of the activities of an establishment of a Controller or a Processor in the Union, regardless of whether the processing takes place in the Union or not" – Art. 3, p. 1

As a general rule REG includes in its scope any PD processing on EU citizens regardless the place of processing or Controller/Processor!

 

Opportunities for businesses:

a) "The free movement of personal data within the Union shall be neither restricted nor prohibited for reasons connected with the protection of natural persons with regard to the processing of personal data." - Chapter 1, Art. 1, 3rd p. of REG

 

This implies your business group can, starting 25th May 2018 from when REG will apply, move without any restriction PD between its entities from EU - given it comply with all other requirements REG imposes.

 

b) Simpler, cheaper compliancy / legal costs – Obviously, as before REG if your company/group operates in 5 member states then you need to hire 5 law firms just to make sure you comply with all national specific regulations, now starting REG will apply you have to deal with only 1 law – namely REG.

 

c) Many may see this as an expense but is in fact an opportunity. Being REG compliant implies you have to invest in security, data governance and audit tools, because as you will see, not doing so will place your company in a great risk of non-compliance with REG and this can expose your company to risk of fines up to 20M EUR or up to 4% of your global yearly turnover!

But, if instead you decide to buy / implement a CRM (like Julysoft Hekla DMS CRM) and/or an Enterprise Search (like Julysoft Geysir Enterprise Search) not only your company has data privacy by default / data privacy by design implemented but also your company data governance is more efficient, your operational costs decrease and in fact your business may grow just using better and faster its data – being it personal or no. Bottom line is: REG will force companies see security and data governance as an important compliance task and not only an afterthought – and this in itself is a benefical aspect or REG!

 

Rights of data subject that Controller must support:

- "Information and access to personal data": When asked by data subject, in maximum 1 month, Controller must reply to requestor, free of charge, in paper or electronical form all PD he has on data subject, along a list of other data, like:contact data of Protection Data Officer (employee or contractor of Controller that REG - in some conditions – requires to exist), the purposes of the processing, list of third parties that PD has been transmitted and why, etc. Failing to comply with this request may allow to data subject to fill a compliant to EU Data Protection Authority and also can ask material compensations under REG terms (Art. 12, Art. 13).

- "Rectification and erasure": When asked by a subject, Controller must without undue delay delete parts or modify data as asked by the subject.

- "Right to be forgotten" - "The data subject shall have the right to obtain from the Controller the erasure of personal data concerning him or her without undue delay and the Controller shall have the obligation to erase personal data without undue delay.." Art. 17, p.1

- "Right to restriction of processing" – subject can ask Controller that its PD not to be processed – Art. 18

- "Notification obligation regarding rectification or erasure of personal data or restriction of processing" – Art. 19 – Controller must notificate data subject after any data deletion or update has been done under terms of any of articles: 16, 17, 18

- "Right to data portability" : "The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a Controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another Controller without hindrance from the Controller to which the personal data have been provided..." (Art. 20, p.1)

General obligations of Controller and Processor:

"Taking into account the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for the rights and freedoms of natural persons, the Controller shall implement appropriate technical and organisational measures to ensure and to be able to demonstrate that processing is performed in accordance with this Regulation. Those measures shall be reviewed and updated where necessary" – Art. 24, p.1

 

In plain english the general large above statement implies Controller must ensure PD security and privacy namely prevent its availability to an indeterminate number of persons – PD must be kept technically private. Also for any PD Controller collects must have a resonable processing reasons he can demonstrate and any processing by Controller and or its Processor must be traceable!

 

Other obligations are:

- Notification of a personal data breach to the supervisory authority – Art. 33

- Communication of a personal data breach to the data subject – Art. 34

- Data protection impact assessment and prior consultation – Art 35, Art. 36

- Data Protection Officer – Art. 37, Art. 38, Art. 39

- Codes of conduct – Art. 40, Art. 41, Art. 42

 

References:

http://ec.europa.eu/justice/data-protection/

http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679&from=EN

 

Stelian from www.JulySoft.net - Bucharest, 27 Nov 2017