Occupational doctor is controller when you test your employees for coronavirus

At least this is the latest position in Italy, which is rather interesting, and provides some lead in controlling this pandemic in the workplace, reducing the risk on rights and freedoms of employees. The relevant paragraph from the article worth reading and I am referring to is quoted below.

The Italian data protection authority held that serological tests run on employees are privacy compliant in Italy provided that the occupational doctor is the data controller and is the sole individuals aware of the results of the test, communicating to the employer only the suitability/unsuitability of the employee to perform the working activity.

Watch out! Ransomeware actors have turned to blackmail

Ransomware has evolved into blackmail. We are all familiar with the concept of ransomware, whereby critical operational data, which includes personal data is encrypted by hackers, and hence inaccessible to the business. In order to get access, i.e. the decrypted data (the key is owned by the hacker), they need to pay a fee. The fees are significant, this article gives an insight, e.g. a recent case resulted in a fee to be paid of $350 000.

So the business gets back their operational files, and this is where the blackmail kicks in. The hackers will request a second ransomware fee of between $100 000 and $2 000 000 for the data to be deleted or they will make it public!

What is surprising, or maybe not, is that the victims are actually paying. Especially those in private healthcare, who can’t afford the damage to their reputation should it get out that they have been hacked, and sensitive data has been stolen…. and they don’t report the breach as is required by law (in the U.S.) and Europe, and other countries globally.

If you are worried about this trend, and we all should be, then protect your data as it should be (GDPR Art 32 requires this is done). Get the experts in, they cost much less than what a ransomware demand will, if they get to you first. And it could be that it is not so difficult to fix, you maybe surprised!

Edited: PrivSec have a free ‘fireside chat’ session on ransomware, and what to do if it happens to you, you can book here.