For Grant Thornton Baltic OÜ, the 2021/2022 season in Estonia was very successful - our turnover increased by 24% compared to the previous financial year. The impressive growth took us to the second place in the ranking of auditing companies compiled by business newspaper Äripäev.
Video surveillance is used on streets, vehicles, shops, offices – pretty much everywhere. Whenever anyone leaves home – and as soon as they close the door behind them – they can wind up on someone else’s camera footage. Even when hiking in the woods, it’s possible to be captured by a wildlife camera.
Having data protection affairs in order at a company ensures reliable and trustworthy relations with businesspartners and a stronger position at the negotiating table. On the other hand, problems can mean fines running into the millions of euros even long after the issues are resolved.
Many employers have questions about whether and to what extent personal data can be requested from employees in the context of the coronavirus pandemic. In this article, I highlight some practical questions and concepts that employers should factor into processing of employee personal data and provide advice on how to mitigate the main risks for both employer and employee.
In certain cases, companies have an obligation to appoint a data protection officer. This obligation applies both to companies that process data themselves and to companies that process data from other companies. The data protection officer must also be recruited or outsourced by public authorities.
In January WhatsApp announced that it is changing its data policies so that the users only options are either to agree to their data policy and make data about them available to Facebook, the owner of WhatsApp, and any of its chosen third parties or not use the service. Grant Thornton Baltic's Head of Data Protection and Cybersecurity Maili Torma opens up the subject.
Cookies can't read data off your hard drive or cookie files created by other sites; they are one of the technologies tracking people’s behavior on the web.
On 16 July 2020, the European Union Court of Justice (CJEU) passed judgment C-311/18 (Schrems II), invalidating the US-EU certificate programme Privacy Shield, which ensures data transmission security.
In addition to the pandemic the 2020 is memorable as the year or record growth in cybercrime. According to the FBI the USA companies have reported a 400% growth in cyber-attacks and 68% more companies reported of fraud.
Most companies view an IT audit as an expense, but experts say in reality, it helps companies to save money – especially if it’s conducted at the right time. An IT audit is a possibility to obtain an external view of the information system in current use.
Remote work due to the coronavirus in companies is becoming a new positive trend, which is difficult to reverse, but both companies and employees will benefit from adapting to it, according to Äripäev’s radio program “Kasvukursil”. Grant Thornton Baltic's HR manager Marge Litvinova, IT-manager Arko Kurg and Partner of digital services Vladimir Rüntü discuss the plusses and minuses and possibilites and threats of working in different places such as the office, home offive or office abroad.
A new concept in Estonian legal system, administrative fine, was sent to coordination round to the relevant ministries by the Ministry of Justice. The new fine would enable a more effective response to violations of financial services, competition and data protection regulation in the future. Grant Thornton Baltic data protection officer Maili Torma and legal adviser Lee Laanemäe write about the potential changes awaiting us in the near future.
Maili Torma, the data protection specialist at Grant Thornton Baltic and the founder and board member of the Estonian Data Protection Association, was recently issued an international ISO 27001 lead auditor certificate in addition to the previously acquired CIPP/E and CIPM certificates.
During the emergency situation in Estonia, many employers have allowed some or all their employees to work from home. Allowing people to work from home cuts the risk of contracting the virus, but also raises the question of who is responsible for providing a safe and healthy work environment for the employee. Kärolin Rohumäe, Grant Thornton Baltic's legal adviser, explains in more detail.
Although technology has an important role in preventing cyber attacks, companies are neglecting an equally important means of preventing cyber threats from realising: their employees. The results of a recent study by Grant Thornton showed that the weakest link of cyber defence was overreliance on technology to protect personal data.
When you read about the draft ePrivacy Regulation it may appear as though all it does is regulate the use of cookies and manage direct marketing; but the draft ePrivacy Regulation also proposes more regulation of over-the-top (OTT) communications provides, such as Skype or WhatsApp.