The requirements of the General Data Protection Regulation (GDPR) apply to each Member State of the European Union and aim to create more consistent protection of consumer and personal data across EU Member States. The GDPR was adopted at EU level in April 2016. It started to apply from the 25th May 2018 and replaced the Data Protection Act. Companies that fail to achieve GDPR compliance are subject to penalties and fines.
This subject is relevant to those responsible for processes involving personal data including Human Resources Managers, Marketing Managers, IT Managers, Compliance Officers, Internal Auditors, and Administration Officers.
It is very important to get to grips with, and obtain a clear understanding of, the processes and procedures that need to be in place in order to comply on an ongoing basis from May 2018. One should have good knowledge of:
- Data Protection Impact Assessments
- Data Protection Compliance Audits
- Selecting and negotiating with a service provider: contract clauses and security measures expected
- Handling Subject Access Requests and requests for rectification or erasure
- Data breach detection and incident management
- Managing data retention; archiving and record pseudonymisation
- Maintaining a record of processing activities
For more information, one can contact the Office of the Information and Data Protection Commissioner:
Website: https://idpc.gov.mt
Email: [email protected]