WHAT IS DATA PROTECTION?
The new European regulation of data protection is, as the name implies, a set of rules that ensure that citizens know who has their personal data and the purpose for which they are used.
In the same way, data protection seeks to guarantee the privacy and confidentiality of the data that is shared; It is also about preserving the right to give authorization or not to those who require it.
This new regulation has a general scope and is mandatory throughout the European Union. Both the public and private sectors must abide by these new rules to avoid the penalties provided by law.
HOW DOES THE DATA PROTECTION REGULATION AFFECT WORKERS AND COMPANIES?
The new regulation brings several important developments, in terms of the procedure and protocol for data protection, as well as in terms of sanctions in case of violating the regulation.
It is essential that individuals, workers and companies, inform themselves about it to adapt to this new regulation as soon as possible and thus avoid problems in the future. In this sense, some of the most important developments to take into account are:
- Principle of Active Responsibility
In this new regulation will apply the Principle of Active Responsibility. It consists in that the company must adapt all its procedures and protocols to the new regulations. But this will not be enough, but it must also be demonstrated that the necessary measures have been taken in this regard.
- Stronger sanctions
Another of the most important changes that the new regulation brings are the sanctions, which will be much tougher. Depending on the specific case or the type of data breach, individuals or companies may be penalized with penal, civil and labor penalties. Fines of up to 4% of annual turnover may also be imposed.
- Informative actions
One of the aspects in which the new regulation emphasizes is the need and requirement to make a clear, concise and informative statement about the user's data; the consent of each person is also reinforced.
- Changes for companies
According to this new regulation, companies must adjust or incorporate some changes, such as: have a data protection delegate or appoint a worker responsible for privacy.
A record of activities, treatment of special information and all updated documentation must also be maintained.
In order to achieve the proposed objectives, it is necessary that every person or company, regardless of their size, must be informed and adapt to this new regulation in a mandatory manner.
According to opinions of experts in the field, this is a regulation that will completely change the relationship between users and companies.
Writings SF Lawyers