{"id":43530,"date":"2026-07-15T10:41:56","date_gmt":"2026-07-15T08:41:56","guid":{"rendered":"https:\/\/smartfense.com\/?p=43530"},"modified":"2026-07-15T10:42:02","modified_gmt":"2026-07-15T08:42:02","slug":"protecting-health-data-gdpr-healthcare","status":"publish","type":"post","link":"https:\/\/smartfense.com\/en\/blog\/protecting-health-data-gdpr-healthcare\/","title":{"rendered":"Protecting health data: what the GDPR asks of healthcare organizations"},"content":{"rendered":"<p>A medical record says far more than a credit card ever could. It reveals diagnoses, treatments, family history and habits that stay with a person for life. That is why the General Data Protection Regulation (GDPR) does not treat health data as just another field. It places it in the most protected category, with obligations that reach well beyond the legal or IT department.<\/p>\n<p>In a clinic, a hospital or a lab, many of those obligations end up in the hands of whoever staffs the front desk, the nurse logging an episode, or the administrator answering an email. Complying with the GDPR in healthcare is, first and foremost, a matter of prepared people.<\/p>\n<h2>What counts as health data under the GDPR?<\/h2>\n<p>Data concerning health is personal data that reveals information about a person\u2019s physical or mental health status, including the provision of healthcare services. That is how Article 4 of the GDPR defines it, and it covers everything from a diagnosis to a medical record number, a lab result, or the simple fact that someone attended an appointment.<\/p>\n<p>Article 9 classifies it as a <strong>special category of data<\/strong>. The practical consequence is clear. Processing it is prohibited unless a specific basis allows it, such as the person\u2019s explicit consent or the provision of healthcare by a professional bound by confidentiality. The general basis that works for other personal data is not enough here.<\/p>\n<p>This distinction matters because it raises the bar. The same slip (an email sent to the wrong recipient, a folder shared without controls) carries a very different impact and responsibility when what travels is health information.<\/p>\n<h2>What does the GDPR ask of a healthcare organization?<\/h2>\n<p>The regulation spreads responsibility for data across the whole organization. Three obligations land especially clearly in the daily work of anyone handling patient information.<\/p>\n<p><strong>Security of processing as a daily habit.<\/strong> Article 32 requires technical and organizational measures appropriate to the risk. In a healthcare setting that includes encryption and access control, but also something less visible. Each person needs to handle information carefully, avoid reusing passwords, check who they are sending a message to, and understand why access to a medical record is logged.<\/p>\n<p><strong>Accountability.<\/strong> Article 5 asks you to demonstrate compliance, not merely comply. For a healthcare organization that means training, policies and records must be documented and available, because the burden of proof falls on the controller.<\/p>\n<p><strong>Impact assessment when the risk is high.<\/strong> Large-scale processing of health data usually calls for a data protection impact assessment (Article 35). That analysis identifies the risks of the processing and the measures to mitigate them, and it often shows that the greatest risk lies in the everyday behavior of people more than in the technology.<\/p>\n<h2>How do you detect and report a health data breach?<\/h2>\n<p>When a security incident affects personal data, the GDPR starts a clock. Article 33 requires notifying the supervisory authority within <strong>72 hours<\/strong> of becoming aware of it. If the breach poses a high risk to the people affected, Article 34 also requires informing them directly.<\/p>\n<p>That deadline is only met if the organization finds out in time, and this is where the human factor returns to center stage. According to the Verizon DBIR report, the human factor is involved in close to 6 out of 10 security breaches. In healthcare, the person who receives a suspicious email or spots an unusual access is often the first line able to raise the alarm.<\/p>\n<p>The difference between reporting within 72 hours and discovering the incident weeks later rarely comes down to a tool. It comes down to whether the person who saw something odd knows what an incident is and who to report it to without fear of being wrong. Building that detection-and-reporting capability is an awareness task, not an infrastructure one.<\/p>\n<h2>What must you be able to prove in an audit?<\/h2>\n<p>Facing an inspection or an audit, the question is not whether the organization once ran a session. It is whether it can prove that the right people received the right training and that the training holds over time. Three pieces of evidence make the difference:<\/p>\n<ul>\n<li><strong>Training records by audience.<\/strong> Who completed what content and when, distinguishing clinical staff from administrative or management roles, because they do not all handle the same type of data or carry the same risk.<\/li>\n<li><strong>Policies communicated and accepted.<\/strong> An information-handling policy existing is not enough; you have to show it was distributed and that people know it.<\/li>\n<li><strong>Traceability of the controller\u2019s actions.<\/strong> Assessments, reminders, simulations and their results over time, to sustain the accountability of Article 5.<\/li>\n<\/ul>\n<p>That is the work we do at SMARTFENSE every day, with awareness programs mapped to the GDPR articles, segmented by audience and with training evidence ready for audit. The platform turns a diffuse obligation into concrete records the controller can present on request.<\/p>\n<h2>Compliance lives in people<\/h2>\n<p>The GDPR in healthcare is not solved by buying a technology or signing a document. It rests on professionals who recognize sensitive data, know how to protect it, and act in time when something goes wrong. Technology sets the barriers; people decide whether they hold.<\/p>\n<p>If your organization handles health data and you want to move from good intentions to demonstrable evidence, the first step is to measure what your teams know and do today. That diagnosis shows where the real risk sits and where to start.<\/p>\n<p><a href=\"https:\/\/smartfense.com\/en\/compliance\/gdpr\/\">See how to approach GDPR compliance from the human factor<\/a> and lean on <a href=\"https:\/\/smartfense.com\/en\/platform\/regulations-policies-procedures-management\/\">regulations, policies and procedures management<\/a> to keep every obligation documented.<\/p>\n<p>To go deeper into specific obligations, <a href=\"https:\/\/smartfense.com\/blog\/ley-de-proteccion-de-datos-personales-capacitacion-y-concientizacion-como-requisito\/\">awareness as a data protection requirement<\/a>, <a href=\"https:\/\/smartfense.com\/en\/blog\/iso-27001-2022-control-6-3-awareness\/\">ISO 27001 control 6.3 on awareness<\/a> and the <a href=\"https:\/\/smartfense.com\/en\/blog\/nis2-security-awareness-compliance-deep-dive\/\">technical depth of NIS2 for compliance officers<\/a> are good starting points.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The GDPR treats health data as a special category. What it asks of the people in a healthcare organization and what to prove in an audit.<\/p>\n","protected":false},"author":31,"featured_media":43527,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[3,686],"tags":[1362,1364,2302,1721,448],"class_list":["post-43530","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","tag-cumplimiento-normativo-en","tag-gdpr-en","tag-healthcare-sector","tag-proteccion-de-datos-en","tag-security-awareness"],"acf":[],"yoast_head":" \n<title>Protecting health data under the GDPR<\/title>\n<meta name=\"description\" content=\"The GDPR treats health data as a special category. What it asks of the people in a healthcare organization and what to prove in an audit.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/smartfense.com\/en\/blog\/protecting-health-data-gdpr-healthcare\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Protecting health data under the GDPR\" \/>\n<meta property=\"og:description\" content=\"The GDPR treats health data as a special category. What it asks of the people in a healthcare organization and what to prove in an audit.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/smartfense.com\/en\/blog\/protecting-health-data-gdpr-healthcare\/\" \/>\n<meta property=\"og:site_name\" content=\"SMARTFENSE\" \/>\n<meta property=\"article:published_time\" content=\"2026-07-15T08:41:56+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-07-15T08:42:02+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/smartfense.com\/file\/2026\/07\/hero-1-9.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1376\" \/>\n\t<meta property=\"og:image:height\" content=\"768\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Andrea Sona\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Andrea Sona\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/protecting-health-data-gdpr-healthcare\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/protecting-health-data-gdpr-healthcare\\\/\"},\"author\":{\"name\":\"Andrea Sona\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#\\\/schema\\\/person\\\/3d5d7dc2e569f5c1af2daef92f35de00\"},\"headline\":\"Protecting health data: what the GDPR asks of healthcare organizations\",\"datePublished\":\"2026-07-15T08:41:56+00:00\",\"dateModified\":\"2026-07-15T08:42:02+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/protecting-health-data-gdpr-healthcare\\\/\"},\"wordCount\":953,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/protecting-health-data-gdpr-healthcare\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2026\\\/07\\\/hero-1-9.jpg\",\"keywords\":[\"Cumplimiento Normativo\",\"GDPR\",\"healthcare sector\",\"protecci\u00f3n de datos\",\"security awareness\"],\"articleSection\":[\"Blog\",\"Blog\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/protecting-health-data-gdpr-healthcare\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/protecting-health-data-gdpr-healthcare\\\/\",\"url\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/protecting-health-data-gdpr-healthcare\\\/\",\"name\":\"Protecting health data under the GDPR\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/protecting-health-data-gdpr-healthcare\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/protecting-health-data-gdpr-healthcare\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2026\\\/07\\\/hero-1-9.jpg\",\"datePublished\":\"2026-07-15T08:41:56+00:00\",\"dateModified\":\"2026-07-15T08:42:02+00:00\",\"description\":\"The GDPR treats health data as a special category. What it asks of the people in a healthcare organization and what to prove in an audit.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/protecting-health-data-gdpr-healthcare\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/protecting-health-data-gdpr-healthcare\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/protecting-health-data-gdpr-healthcare\\\/#primaryimage\",\"url\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2026\\\/07\\\/hero-1-9.jpg\",\"contentUrl\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2026\\\/07\\\/hero-1-9.jpg\",\"width\":1376,\"height\":768,\"caption\":\"Profesional sanitario revisando un historial en una tablet en un pasillo de hospital, con luz c\u00e1lida que transmite cuidado y responsabilidad sobre la informaci\u00f3n del paciente\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/blog\\\/protecting-health-data-gdpr-healthcare\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Portada\",\"item\":\"https:\\\/\\\/smartfense.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Protecting health data: what the GDPR asks of healthcare organizations\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/smartfense.com\\\/en\\\/\",\"name\":\"SMARTFENSE - Concienciaci\u00f3n en Ciberseguridad\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/smartfense.com\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#organization\",\"name\":\"SMARTFENSE\",\"url\":\"https:\\\/\\\/smartfense.com\\\/en\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/logo-smartfense-240x40-1.png\",\"contentUrl\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/logo-smartfense-240x40-1.png\",\"width\":241,\"height\":40,\"caption\":\"SMARTFENSE\"},\"image\":{\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/en\\\/#\\\/schema\\\/person\\\/3d5d7dc2e569f5c1af2daef92f35de00\",\"name\":\"Andrea Sona\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/andrea-sona-avatar-150x150.png\",\"url\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/andrea-sona-avatar-150x150.png\",\"contentUrl\":\"https:\\\/\\\/smartfense.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/andrea-sona-avatar-150x150.png\",\"caption\":\"Andrea Sona\"},\"description\":\"Da anni nel settore informatico, Analista Informatica di professione, negli ultimi anni specializzata in cybersecurity awareness e formazione digitale, attualmente collaborando in SMARTFENSE. Con esperienza nel supportare aziende e organizzazioni nella diffusione della cultura della sicurezza informatica. Appassionata di innovazione e comunicazione tecnologica, contribuisce attivamente al dibattito sulla sicurezza digitale attraverso contenuti divulgativi.\",\"sameAs\":[\"https:\\\/\\\/www.linkedin.com\\\/in\\\/andrea-sona-58238b83\\\/\"],\"url\":\"https:\\\/\\\/smartfense.com\\\/en\\\/author\\\/andrea-sona\\\/\"}]}<\/script>\n ","yoast_head_json":{"title":"Protecting health data under the GDPR","description":"The GDPR treats health data as a special category. What it asks of the people in a healthcare organization and what to prove in an audit.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/smartfense.com\/en\/blog\/protecting-health-data-gdpr-healthcare\/","og_locale":"en_US","og_type":"article","og_title":"Protecting health data under the GDPR","og_description":"The GDPR treats health data as a special category. What it asks of the people in a healthcare organization and what to prove in an audit.","og_url":"https:\/\/smartfense.com\/en\/blog\/protecting-health-data-gdpr-healthcare\/","og_site_name":"SMARTFENSE","article_published_time":"2026-07-15T08:41:56+00:00","article_modified_time":"2026-07-15T08:42:02+00:00","og_image":[{"width":1376,"height":768,"url":"https:\/\/smartfense.com\/file\/2026\/07\/hero-1-9.jpg","type":"image\/jpeg"}],"author":"Andrea Sona","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Andrea Sona","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/smartfense.com\/en\/blog\/protecting-health-data-gdpr-healthcare\/#article","isPartOf":{"@id":"https:\/\/smartfense.com\/en\/blog\/protecting-health-data-gdpr-healthcare\/"},"author":{"name":"Andrea Sona","@id":"https:\/\/smartfense.com\/en\/#\/schema\/person\/3d5d7dc2e569f5c1af2daef92f35de00"},"headline":"Protecting health data: what the GDPR asks of healthcare organizations","datePublished":"2026-07-15T08:41:56+00:00","dateModified":"2026-07-15T08:42:02+00:00","mainEntityOfPage":{"@id":"https:\/\/smartfense.com\/en\/blog\/protecting-health-data-gdpr-healthcare\/"},"wordCount":953,"commentCount":0,"publisher":{"@id":"https:\/\/smartfense.com\/en\/#organization"},"image":{"@id":"https:\/\/smartfense.com\/en\/blog\/protecting-health-data-gdpr-healthcare\/#primaryimage"},"thumbnailUrl":"https:\/\/smartfense.com\/file\/2026\/07\/hero-1-9.jpg","keywords":["Cumplimiento Normativo","GDPR","healthcare sector","protecci\u00f3n de datos","security awareness"],"articleSection":["Blog","Blog"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/smartfense.com\/en\/blog\/protecting-health-data-gdpr-healthcare\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/smartfense.com\/en\/blog\/protecting-health-data-gdpr-healthcare\/","url":"https:\/\/smartfense.com\/en\/blog\/protecting-health-data-gdpr-healthcare\/","name":"Protecting health data under the GDPR","isPartOf":{"@id":"https:\/\/smartfense.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/smartfense.com\/en\/blog\/protecting-health-data-gdpr-healthcare\/#primaryimage"},"image":{"@id":"https:\/\/smartfense.com\/en\/blog\/protecting-health-data-gdpr-healthcare\/#primaryimage"},"thumbnailUrl":"https:\/\/smartfense.com\/file\/2026\/07\/hero-1-9.jpg","datePublished":"2026-07-15T08:41:56+00:00","dateModified":"2026-07-15T08:42:02+00:00","description":"The GDPR treats health data as a special category. What it asks of the people in a healthcare organization and what to prove in an audit.","breadcrumb":{"@id":"https:\/\/smartfense.com\/en\/blog\/protecting-health-data-gdpr-healthcare\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/smartfense.com\/en\/blog\/protecting-health-data-gdpr-healthcare\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/smartfense.com\/en\/blog\/protecting-health-data-gdpr-healthcare\/#primaryimage","url":"https:\/\/smartfense.com\/file\/2026\/07\/hero-1-9.jpg","contentUrl":"https:\/\/smartfense.com\/file\/2026\/07\/hero-1-9.jpg","width":1376,"height":768,"caption":"Profesional sanitario revisando un historial en una tablet en un pasillo de hospital, con luz c\u00e1lida que transmite cuidado y responsabilidad sobre la informaci\u00f3n del paciente"},{"@type":"BreadcrumbList","@id":"https:\/\/smartfense.com\/en\/blog\/protecting-health-data-gdpr-healthcare\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Portada","item":"https:\/\/smartfense.com\/en\/"},{"@type":"ListItem","position":2,"name":"Protecting health data: what the GDPR asks of healthcare organizations"}]},{"@type":"WebSite","@id":"https:\/\/smartfense.com\/en\/#website","url":"https:\/\/smartfense.com\/en\/","name":"SMARTFENSE - Concienciaci\u00f3n en Ciberseguridad","description":"","publisher":{"@id":"https:\/\/smartfense.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/smartfense.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/smartfense.com\/en\/#organization","name":"SMARTFENSE","url":"https:\/\/smartfense.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/smartfense.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/smartfense.com\/file\/2023\/08\/logo-smartfense-240x40-1.png","contentUrl":"https:\/\/smartfense.com\/file\/2023\/08\/logo-smartfense-240x40-1.png","width":241,"height":40,"caption":"SMARTFENSE"},"image":{"@id":"https:\/\/smartfense.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/smartfense.com\/en\/#\/schema\/person\/3d5d7dc2e569f5c1af2daef92f35de00","name":"Andrea Sona","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/smartfense.com\/file\/2026\/05\/andrea-sona-avatar-150x150.png","url":"https:\/\/smartfense.com\/file\/2026\/05\/andrea-sona-avatar-150x150.png","contentUrl":"https:\/\/smartfense.com\/file\/2026\/05\/andrea-sona-avatar-150x150.png","caption":"Andrea Sona"},"description":"Da anni nel settore informatico, Analista Informatica di professione, negli ultimi anni specializzata in cybersecurity awareness e formazione digitale, attualmente collaborando in SMARTFENSE. Con esperienza nel supportare aziende e organizzazioni nella diffusione della cultura della sicurezza informatica. Appassionata di innovazione e comunicazione tecnologica, contribuisce attivamente al dibattito sulla sicurezza digitale attraverso contenuti divulgativi.","sameAs":["https:\/\/www.linkedin.com\/in\/andrea-sona-58238b83\/"],"url":"https:\/\/smartfense.com\/en\/author\/andrea-sona\/"}]}},"_links":{"self":[{"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/posts\/43530","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/users\/31"}],"replies":[{"embeddable":true,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/comments?post=43530"}],"version-history":[{"count":7,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/posts\/43530\/revisions"}],"predecessor-version":[{"id":43617,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/posts\/43530\/revisions\/43617"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/media\/43527"}],"wp:attachment":[{"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/media?parent=43530"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/categories?post=43530"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/smartfense.com\/en\/wp-json\/wp\/v2\/tags?post=43530"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}