Data Protection – know the new regulation (EU) 2016/679, starting on May 25th, 2018. Let’s see what is going to change next year.
To increase protection e privacy of personal data, it will be implemented, next year, a new regulation for data protection. This regulation will apply to all European Union citizens.
New laws will have a significant impact in public and private entities. It is advisable for company to document all rules and new obligations. It may be necessary some actions during the transition period, to guarantee that everything is alright after the new laws are implemented.
Which are the main concerns?
Globalization and technological evolution have led to major changes in sharing data between public and private entities. Nowadays, any citizen creates obstacles to share their personal data in Web platforms. Because of data protection, public and private entities are responsible for following the rules regulated by the current directive, accomplishing the law of personal data protection.
Is your company using the right security mechanisms to protect data? This should be your major priority.
Will login mechanisms be safe? Is your data encrypted? Are there security rules for folders and files used in your business? Are there tools in your organization that allow you to monitor how your data is being used? Are your emails protected from external threats?
The consequences of unauthorized data disclosure can be harmful for your company, not only financially, but also for company credibility.
The new regulation has significant changes to make sure that all private and public entities accomplish a set of rules that protect personal data, regardless nationality or place of residence. These changes must be applied by all European Union members.
Any entity that manage and process data, must respond for damage that may be caused, if the regulation isn’t respected. There will be a single document for all European Union members when you want to share or transfer data between countries, ensuring complete data protection.
Other Change
It may be necessary to review privacy policies and all documents that have references to data owners. All changes must be in line with what is mentioned in law.
Any entity will be obliged to contract a responsible by data protection. This person must obey to all rules mentioned in the regulation. This procedure is also applied to subcontractor: review all subcontracting contracts and guarantee that they are according the law.
Entities should implement procedures for their internal information systems to guarantee security and reliability of their data and prevent actions that lead to compromise confidentiality, destruction or data loss.
It should be mandatory to notify National Data Protection Commission in cases of personal data violation. Each entity should create codes of conduct and share them with all members of the organization. All data register should be made with detail.
The scope for data owners include limitations when analyzing data, the right to portability and new requirements regarding the right to delete data. Anyone may require to a company to stop accessing to their data.
Summary
Public and Private entities should make rigorous assessments about potential risks that can involve data owners, adopting procedures to reduce eventual threats and implementing fundamentals regulated by data protection.
Companies are obliged to show that they are fulfilling the law. If companies break rules, it’s predicted that they will pay more than 20 M EUR.
Sign up Blog
We promise not to use your contact information to send any kind of SPAM.
