New Legislation | In depth look: Protecting personal data

Published on : 04/01/2018 04 janvier Janv. 2018
In May 2018, new European regulations on the protection of personal data will enter into force. All companies will have to comply.
The regulation aims at reinforcing the rights of persons whose personal data is used, and to increase the responsibility of those who are involved in the use of this data. It will give new prerogatives to the French Commission nationale de l'informatique et des libertés (Cnil) in charge of overseeing compliance in this field, including sanctioning violations.
 
Here are some steps to implement in the coming months:
1. Designate a pilot:
To manage the governance of your company’s personal data, you will need a pilot, someone who will carry out an information, advisory and internal control mission: the data protection officer. This is mandatory in certain companies, but in practice is highly recommended for all.
 
2. Start by accurately listing/auditing your personal data processing.
The development of a register/audit of uses of personal data should cover the company internally and, if applicable, any subcontractor.
 
3. Prioritize the actions that need to be taken
Based on your register/audit, identify the actions that you’ll need to take to comply with current and future obligations. Prioritize these actions with regard to the risks your uses pose to the rights and freedoms of the people concerned.
 
4. Manage Risks
If you have identified the processing of personal data that may give rise to high risks for the rights and freedoms of data subjects, you will need to carry out a data protection impact assessment for each of these uses.
 
5. Organize Internal Processes
To ensure a high level of personal data protection at all times, implement internal procedures that ensure that data protection is taken into account, consider all the events that may occur in the long run (ex: security breach, management of requests for rectification or access, modification of data collected, a change of provider) and make sure that quick reactions are planned and implemented in case of security breaches.
 
6. Document your company’s compliance
To prove your compliance with the rules, you must create and consolidate the necessary documentation. Actions and documents completed at each stage must be reviewed and updated regularly to ensure continuous data protection, including with any subcontractor. 

History

<< < ... 5 6 7 8 9 10 11 ... > >>
IMPORTANT COOKIES INFORMATION
We use technical cookies to ensure the proper functioning of the site, we also use cookies subject to your consent to collect statistics visit.
Click below on & laquo; ACCEPT & raquo; to accept the deposit of all cookies or on & laquo; CONFIGURE & raquo; to choose which cookies require your consent will be registered (statistical cookies), before continuing your visit to the site. Show more
 
ACCEPT CONFIGURE REFUSE
Cookie management

Cookies are text files stored by your browser and used for statistical purposes or for the operation of certain identification modules for example.
These files are not dangerous for your device and are not used to collect personal data.
This site uses cookies of identification, authentication or load-balancing not requiring prior consent, and audience measurement cookies requiring your prior consent in application of the texts governing the protection of personal data.
You can configure the setting up of these cookies by using the settings below.
We inform you that if you refuse these cookies certain functionalities of the site can become unavailable.
Google Analytics is a tool for measuring audience.
The cookies deposited by this service are used to collect statistics of anonymous visits in order to measure, for example, the number of visitors and page views.
This data are used to follow the popularity of the site, to detect possible navigation problems, to improve its ergonomics and the user experience.