Acquisition, management, rewriting and storage of data should be based on decisions that take into account possible risks. This risk may be due to poor processing conditions, improper removal, loss, theft, uncontrolled modification, unauthorized access, or improper storage. It is important to identify possible scenarios for data loss - to determine the probability and frequency of their occurrence, the degree of harm and, in the next step, to plan actions to bring the crisis to a standstill. It should be noted that the May Regulation is not a set of ready-to-use solutions. It does not provide clear-cut methods for dealing with the problems that may arise in the protection of personal data, but allows the requirements of the Regulation to be adapted to the scale and validity of the data.
Due to Data Protection Regulation, many companies may ask themselves whether their databases are also subject to regulation. It is particularly unclear when the company does not have information that directly identifies a particular natural person, such as a name and surname, but has a substitute, e. g. a pseudonym or only the IP address from which the network connection is made. Is it necessary to secure the data also in this case? What types of data should be protected according to GDPR?
The General Data Protection Regulation (GDPR, RODO) was established by the Regulation of the European Parliament and of the Council of April 27, 2016. This EU legislation contains provisions on the protection of individuals with regard to the processing of personal data and the free movement of such information. The purpose of the Regulation is to harmonize the process of personal data transfer across the EU. After a two-year transitional period, the Regulation will become effective in the Member States from May 25, 2018. The new regulations will be applied directly without the need for their implementation.
What is GDPR?
The distant vision of the draft data protection reform in the European Union becomes a reality. The EU's work on the introduction of uniform legislation launched in 2012 will soon come into effect. What does reform really mean? What is GDPR, RODO and what are the changes?