Standards of and the approach to the personal data protection were consolidated in the entire European Union.
Adoption in 2016 of the Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation – GDPR) is a major change in the scope of personal data protection.
Apart from the GDPR regulation, applicable will also be domestic regulations and guidelines.
Time for changes
The GDPR will apply from 25 May 2018.
This is the deadline, by which organizations must be ready with all their preparations to the compliance with GDPR.
In order to comply with the amended provisions, organizations are required to introduce numerous organizational and information technology solutions.
- New conditions for obtaining consent
- New rights granted to natural persons
- Privacy by Design & by Default
- Obligatory cases of appointment of a data protection officer (DPO)
- Obowiązkowe przypadki powołania Inspektora Danych Osobowych (DPO)
- Obligatory reporting of breaches concerning personal data protection
A failure to comply with new provisions will expose an organization (controllers and processors) to a risk of being imposed a fine of up to EUR 10-20 million or up to 2%-4% of its annual global turnover.
About the training
A change of approach to the personal data protection will require a thorough understanding of new principles.
Lawyers of D.Dobkowski sp.k., a law firm associated with KPMG, help organizations to respond to legislation changes.
We are ready to provide you with a training session tailored to your needs.
The course is addressed in particular to managerial staff, persons responsible for personal data protection and processing, data and IT security.