Tag Archives: Strategy

Datatilsynet

New Supervisory unit of the Data Protection Agency

<<Data Protection Agency has created a new oversight unit>>

The new regulator will be responsible for all Data Protection Agency scheduled inspections and DPA ad hoc inspections for violations of the statutory safety requirements.

The device is horizontal. It includes employees from all parts of the Data Protection Agency. Head Lena Andersen heads the unit.

Planned supervision

In selecting topics for scheduled inspections should be according to the Data Protection Agency’s regulatory strategy for 2016-2018 particular attention to the processing of personal data, which because of their size or purpose may pose a particular risk to violate the data subject’s right to data protection and privacy, as well as on treatments which involves the use of new technology.

In selecting topics as well as the data controller, to be included in the planned visit, take Datatilsynet include considering whether an area is obtained information – including letters from individuals or via media coverage – that would suggest a special need for supervision.

 

The subjects of planned inspections in 2016

Data Authority inspection unit focuses in 2016 on selected topics from a variety of controllers.

Checking the following items will go again on 30 supervision facing public authorities:

• Comprehensive safety rules
• authority’s own supervision,
• processor agreements and
• authority’s own control processors.

At 20 private controllers the following topics go again:

• Compliance with the Data Protection conditions
• processor agreements and
• the company’s own control processors.

In all monitoring will be used information gathering by questionnaire.

Opposite least 5 controller Data Protection Agency will also follow up with the actual inspections. >>

Data Protection Commissioner

Data Protection Commissioner’s Priorities for 2016

Speaking on the 10th Annual Data Protection Day Commissioner Helen Dixon set out her priorities for 2016:

“A key priority is the continued expansion of resources at the Irish data protection authority including the further recruitment of legal and technical specialists, to add to our strong team. Our staff now includes expert lawyers, an investigations specialist, security technology specialists, a communications head, complaints investigators and an audit specialist. Already, we are seeing huge benefits from the additional staffing, particularly in delivering faster resolutions for complainants. Another critical round of recruitment is shortly to commence, with the assistance of the Public Appointments Service, seeking further IT and technical compliance specialists.”

The Commissioner also highlighted other priorities for the office, saying “There is a clear need for better compliance by the Irish public sector. In particular, the legislative process must be improved to ensure greater deliberation and scrutiny of issues that interfere with the fundamental right to data protection. Data protection is a fundamental right, protected by the 1995 EU Data Protection Directive, the EU Charter of Fundamental Rights and our own national legislation. It is not, however, an absolute right, and in certain circumstances, must yield to other competing rights. Striking the appropriate balance between these competing rights is difficult. Importantly, because data protection is a fundamental right, any interference with these rights by a public body must generally be provided for by law. More than that, it must be proportionate, necessary and made in furtherance of recognised and stated objectives of general interest or the need to protect the rights of others. Consideration must be given to all of these matters when drafting legislation.”

Ms. Dixon’s other priorities include the establishment of a permanent Dublin base for the Office on Fitzwilliam Square (temporary location now on Harcourt Road) to complement the existing location in Portarlington, a series of targeted technical audits, a complete overhaul of the Office’s website: www.dataprotection.ie and ongoing relationship building with European Article 29 Working Party peers.

Autoriteit Persoonsgegevens

Personal Surveillance Authority presents calendar 2016

<<The Authority for Personal Data presented today at the International Privacy Day, the topics on which the regulator focuses in 2016. It involves the following five topics: protection of personal data, big data and profiling, medical data, personal data with the (digital) government and personal data in the employment relationship.

To promote compliance with the Data Protection Act (DPA), the Authority Personal mix of instruments in the field of monitoring, enforcement and communication. She conducts research on suspicion of serious violation of the law that are structural in nature and affect many people. In some cases, the Personal Authority launched an investigation, but it sends a letter or they are on a call. The Authority Personal Information may also impose fines in addition to the cease and desist order since January 1, 2016. Moreover, since these organizations require of serious data breaches immediately report to the supervisor.

The annual Day of the Privacy is brought to life by the Council of Europe with support from the European Commission. The purpose of this day (January 28) is to inform citizens about their rights in the use of their personal data. Meanwhile it is also the Day of privacy in a number of non-European countries, including Canada and the United States.>>