Tag Archives: strategic plan

Comissão Nacional de Proteção de Dados (CNPD)

The Portuguese Data Protection Authority launches its Activities Plan for 2016

On April 2016, the Portuguese Data Protection Authority (hereinafter, CNPD) published the “Plano de Atividades CNPD 2016”. This Plan provides a legal analysis which aims to address the transition to the new European legal framework for the current and following years.

More specifically, the subsequent actions has been defined:

1. The preparation for the implementation of the General Data Protection Regulation (GDPR);

2. New enforcement measures for data processing operations in the field of public sector and marketing communications.

This document also deals with handling of personal data in some specific areas such as; the identity theft, the personal data for administrative transparency reasons and the impact of Internet of Things on citizens’ privacy.

Besides, particular mention needs to be made to the Institutional Cooperation established in part E of the Plan more precisely, the establishment of new protocols with higher education institutions (first point), the implementation of the Center Safe Internet highlighting the area of ​​prevention in the field of data protection among young people using the Internet (fourth point), the Cooperation with the Cape Verdean counterpart authority, in exchange of information and experiences of the plan, technical training, integration in the various international data protection forums and support in the preparatory work for the recognition of the adequacy of data protection level (fifth point) and the consolidation of cooperation with the Personal Data Protection Office (OPPD) in the Region of Macao (sixth point).

Agencia Española de Protección de Datos (AEPD)

Final version of the Strategic Plan approved by the AEPD

On 20 November 2015, the Spanish Data Protection Agency (AEPD) approved its “Strategic Plan” for the period 2015-2019. The Plan is the result of the public consultation process from 15 to 31 October 2015.

A specific timetable to implement a wide range of actions has been created. In this sense, the AEPD has focused on the following areas.

Strategic axis n. 1: Prevention for a more effective protection (protection of citizens, protection of minors and education, actions in relation to public administrations, certification, accreditation and audit and other prevention measures).

Strategic axis n. 2: Innovation and data protection “Confidence factor and quality guarantee”

Strategic axis n. 3: A collaborative, transparent and participatory agency (the promotion of a culture of data protection, communication tools, website and dissemination)

Strategic axis n. 4: An agency closer to privacy authorities, officers and professionals (relationships with stakeholders, SMEs, privacy and IT professionals).

Strategic axis n. 5: A more agile and efficient agency (solution for international challenges, simplification and improvement in management, digital AEPD and definition of the AEPD status and competences).

This document is the result of a public consultation from 15 to 30 October. The final version includes the elaboration of an annual report with the level of compliance with the Strategic Plan, new proposals and any corrective measures to be taken in case of non-compliance.

The report will be sent to the Constitutional Committee of Congress and made public on the AEPD website.

Agencia Española de Datos Personales (AEPD)

Developing a new Strategic Plan with stakeholders by the AEPD

On 15 October 2015, the AEPD issued its “Strategic Plan” which will be implemented during the period 2015-2018. It aims to lay the foundations for the main priorities of the AEPD and a wide variety of stakeholders such as citizens, experts in data protection, data controllers and public and private organizations have been involved in drafting it.

At this moment, the Plan has been submitted to public consultation in order to set out a series of new initiatives which are structured in the following five main strategic areas: 1. Prevention to more effective protection; 2. Innovation and privacy: trust factor and quality assurance; 3. Measures for increasing collaboration, transparency and participation; 4. A more practical-oriented programme, closer to the needs of individuals, privacy controllers and professionals; 5. Enhancing efficiency.