The GDPR is a new legal frame of personal data protection in the European economy area. Since 25 May, 2018 it has been determining the rules of personal data processing, including those of the data subjects (individuals). On 25 May, 2018 the GDPR substituted the Act No. 101/2000 /Coll. on personal data protection in the Czech legal setting.
The GDPR relates to all subjects dealing with information on individuals (employers, suppliers, website or e-shop operators and the like). Both private sector (not only big organizations such as banks, insurance houses or hospitals but also small and medium-sized businesses) and public sector have to be ready for GDPR.
The GDPR introduces a whole number of new rules (e.g. the right of data portability, the right to be forgotten, the duty to carry out assessment on influence on personal data protection for selected procedures or appoint a data protection officer (DPO). Each personal data processor and controller will have to document the observing thereof through all of the data processing period. The general technological and administration stress in the sphere of personal data protection is going to increase substantially.
The sanctions for breaching some of the duties stipulated by the GDPR are going to increase considerably as well penalties up to 20,000,000 EUR or 4 % of total turnover per year worldwide (depending on which is higher). All subjects processing personal data should prepare well for GDPR.
The preparation for GDPR should start with an entry audit of the existing personal data processing procedures. After “surveying the ground” thoroughly, there comes the necessary changes proposal (contract and other documentation adjustments, staff training, procedure setting) and follow-up implementation thereof.
In conclusion we point out that preparation for GDPR is a complex matter. Within the frame of companies and organizations the GDPR covers a whole number of matters, with significant impact – besides “the law” especially in IT, security, management, etc. To get ready for GDPR thus means to revise your systems and procedures in personal data processing in all the spheres affected, and implement the necessary technological solutions.
We offer your company help with its preparations for the new European regulation on protection of individuals related to data processing and free circulation of such data
ARE YOU INTERESTED IN THE SERVICE?
CONTACT US: +420 212 242 807