The European Regulation No. 679/2016 on the protection of natural persons in terms of processing their personal data and the free movement of such data was enacted in April 2016, repealing Directive 95/46/EC in force at present, starting May 2018 as implementation date.
The Regulation will be implemented 2 years after enforcement, i.e. May 2018, period in which the companies must get organized at internal level so as to prove compliance with the Regulation’s provisions upon implementation of such.
The...
The European Regulation No. 679/2016 on the protection of natural persons in terms of processing their personal data and the free movement of such data was enacted in April 2016, repealing Directive 95/46/EC in force at present, starting May 2018 as implementation date.
The Regulation will be implemented 2 years after enforcement, i.e. May 2018, period in which the companies must get organized at internal level so as to prove compliance with the Regulation’s provisions upon implementation of such.
The Regulation sets forth the “accountability” concept, meaning that data controllers and data processors will be liable on how they process personal data and must prove compliance with the personal data processing principles, namely: lawfulness, fairness and transparency, purpose limitation, data minimization, data accuracy, storage limitation, data integrity and confidentiality.
It brings significant improvement to the current legal regulations mainly taking into account technological evolution and the digitalization of global economy.
Moreover, new concepts are introduced and the sanctions for the failure to comply with the provisions of such Regulation are extremely high as compared to the existing ones, namely:
Up to EUR 10 mil or 2% of the global turnover
Up to EUR 20 mil or 4% of the global turnover
Therefore, in order to avoid sanctions which might lead to the company’s financial undermining, our recommendation is to take all necessary steps to adopt and implement, at company level, measures, procedures, rules that would meet the requirements in the new Regulation so that in May 2018 your company would turn out to be ‘’accountable’’, in the event of an investigation.
Since we want to support our clients in the new challenges brought by the upcoming changes in data protection legislation, we created a brochure (both English and Romanian). By accessing the attached brochure you will find several ideas on what to do at company level in order to become compliant with the new legal requirements and which are the most relevant provisions of the Regulation.
You are most welcome to contact us and schedule a meeting to discuss the legal steps your company should approach, according to the core business.
Leave a reply