Legal aspects of information security and personal data protection

Data is displayed for the academic year: 2024./2025.

Course Description

The course "Legal aspects of information security and personal data protection" provides knowledge about the legal aspects of information security and the protection of personal data. It aims to acquaint students with the key legal concepts, regulations and rules relevant to the field of information security and personal data protection. The basic description of the subject includes the following topics:

1. Information security concepts: Introduction to basic terms and concepts of information security, including threats, vulnerabilities, risks and protection measures. Understanding the importance of information security in today's digital environment.
2. Legislative framework: Overview of relevant national and international legislative frameworks that regulate information security and personal data protection, including the NIS/2 Directive, the General Data Protection Regulation, eIDAS Regulation, E-commerce Directive, national data protection laws and international agreements.
3. Data protection principles: Study of the basic principles of personal data protection, including legality, fairness and transparency in data processing, purpose limitation, data minimization, accuracy, storage limitation, integrity and confidentiality, and accountability.
4. Roles and responsibilities: Understanding the role of different stakeholders in the protection of personal data, such as data subjects, data controllers and processors, and supervisory authorities, along with their responsibilities and obligations in accordance with regulations. When presenting liability, the preventive function of liability for damage due to violations of rules on information security and personal data protection is particularly emphasized.
5. Procedures and practices: Overview of procedures and practices applied in the field of information security and personal data protection, including topics such as risk assessment, data security management, incident management, data subject rights, network and communications security, and system security.

The course "Fundamentals of legal regulation of information security and personal data protection" provides students with a fundamental understanding of the legal framework and regulations in order to ensure the application of best practices in the field of information security and personal data protection.

Study Programmes

Postgraduate spec. study

Literature

Council of Europe, European Union Agency for Fundamental Rights (2018.), Handbook on European data protection law, Council of Europe
Maria Grazia Porcedda (2022.), Cyber Security, Privacy and Data Protection in EU Law, Hart Publishing; 1st edition (March 23, 2023)
Tatjana Josipović, Ivana Kanceljak, Saša Nikšić, Siniša Petrović, Kristijan Poljanec, Davor Adrian Babić (2022.), Privatno pravo Europske Unije, Narodne novine

General

ID 228283
Summer semester
6 ECTS
L0 English Level