Presentation is loading. Please wait.

Presentation is loading. Please wait.

Data Protection Office1 Training Course on Data Protection Nico Hilbert Assistant to the Data Protection Officer March 9th, 2005.

Published byEustacia Doyle Modified over 9 years ago

Similar presentations

Presentation on theme: "Data Protection Office1 Training Course on Data Protection Nico Hilbert Assistant to the Data Protection Officer March 9th, 2005."— Presentation transcript:

1 Data Protection Office1 Training Course on Data Protection Nico Hilbert Assistant to the Data Protection Officer xxxx.xxxxxxx@xxx.xx.xxx March 9th, 2005 Notification to the Data Protection Officer (DPO) and Access to the Register

2 Data Protection Office2 Objective of the presentation zGeneral principles for the Register zGeneral principles for Notifications zPrinciples for Commission specific aspects on Notifications - The Actors zWhy is the Notification system Online? zObjective of the IS NDPO&R

3 Data Protection Office3 Principles for the Register (1) zWhat is the “Register” of the DPO : yThe collection of all “Notifications” send to the DPO by “Controllers”; zWhy is a “Register” needed? yTo conform to Regulation 45/2001 as defined in article 26 - Register :Regulation 45/2001 x“A register of processing operations notified in accordance with Article 25 shall be kept by each Data Protection Officer”; x“The registers may be inspected by any person”;

4 Data Protection Office4 Principles for the Register (2) zWhat is the contents of the “Register”? yArticle 26 says: “The register shall contain at least the information referred to in Article 25(2)(a) to (g)”; (a) the name and address of the controller; (b) the purpose of the processing; (c) a description of the categories of data subjects and of the data or categories of data relating to them; (d) the legal basis of the processing; (e) the recipients or categories of recipient disclosed; (f) a general indication of the time limits for blocking and erasure of the different categories of data; (g) proposed transfers of data to third countries or international organisations.

5 Data Protection Office5 Principles for Notifications (1) zWhat is a “Notification” and who is responsible for it? yPrior notice of the “Controller” to the DPO of any processing operation (manual & electronic) in which personal data is involved; zWhen is a “Notification” needed? yIf personal data is processed; zWhy is a “Notification” needed? yTo conform to Regulation 45/2001 :Regulation 45/2001

6 Data Protection Office6 Principles for Notifications (2) xas defined in article 25 - Notification to the Data Protection Officer; xas defined in articles 24.1(e) - Data Protection Officer + 27 - Prior checking zWhat is the contents of a “Notification”? ySame information as requested by article 26 (Article 25(2)(a) to (g)”) + paragraph (h) of article 25; xArticle 25 (h) a general description allowing a preliminary assessment to be made of the appropriateness of the measures taken pursuant to Article 22 to ensure security of processing.

7 Data Protection Office7 Principles for Commission specific aspects on Notifications (1) zActors (Players) in the context of a “Notification” : yEuropean Data Protection Supervisor (EDPS): DPO submits to EDPS Notification for Prior checking;European Data Protection Supervisor (EDPS) yData Protection Officer (DPO): receives the Notification in the Register and gives prior-advice on it; yController: is responsible for the Notification;

8 Data Protection Office8 Principles for Commission specific aspects on Notifications (2) yDelegated Controller: A Delegated Controller may be designated by the Controller to prepare under his/her responsibility the notification to the DPO and to assure all the related co-ordination with the Data Protection Coordinator and others concerned with data protection inside or outside the respective Directorate General. yData protection Co-ordinator (DPC): gives advice and helps the Controller and Delegated Controller; yProcessor(s): process(es) personal data on behalf of the Controller;

9 Data Protection Office9 Principles for Commission specific aspects on Notifications (3) yProject leader/Developer/IRM/HU DC: help to fill-in Notification concerning specific aspects related to their implication in the definition resp. execution/operation of the processing.

10 Data Protection Office10 Interaction between Main Players European Data Protection Supervisor (EDPS) Data Protection Officer (DPO) Register DG Data Protection Coordinator Controller Data Subjects Any body

11 Data Protection Office11 The Online Information System NDPO&R zImplements Regulation 45/2001 zBrowser based (Internet Explorer) zOnline Notification System and Access to the Register which translate articles 25+26 + zWrites notifications into the DPO’s “Register” - translates article 26 zHas a built-in workflow system (see actors)

12 Data Protection Office12 Why is the Notification system Online? zTo avoid any interaction of the DPO with the content of the final Notification zTo avoid that the DPO is involved in the process of writing notifications in the Register zTo give an integrated help (legal and question based) zTo have all legal references needed available online zTo interact electronically between actors in preparing notifications zTo keep independent electronic track of prior advice by DPO and EDPS for legal reasons zTo have integrated access of Data Subjects

13 Data Protection Office13 Objective of the IS NDPO&R zTo implement (parts of) Regulation 45/2001 ymainly articles 25 and 26 zThe prior Notification of Controllers to the DPO of all processing operations performed upon personal data by the institution zThe creation of the Register of the DPO zThe public access to the Register as requested by article 26

14 Data Protection Office14 Notification to the Data Protection Officer (DPO) zSince October 2003 the DPO has also made available on his web site on IntraComm a Simplified Notification System for small adhoc “processing of personal data” ythis new system is compatible with the standard online Notification System zAny Questions? zThank you for your attention!

Download ppt "Data Protection Office1 Training Course on Data Protection Nico Hilbert Assistant to the Data Protection Officer March 9th, 2005."

Similar presentations

PUBLISH NOTIFY / TAKE COMMENTS ANSWER ENQUIRIES Notification Obligations 1.Statement on Implementation 2.Notification of Technical Regulations or Conformity.

PUBLISH NOTIFY / TAKE COMMENTS ANSWER ENQUIRIES Notification Obligations 1.Statement on Implementation 2.Notification of Technical Regulations or Conformity.
Public Sector Information & Data Protection: A plea for personal privacy settings for the re-use of PSI Bart van der Sloot Institute for Information Law.

Public Sector Information & Data Protection: A plea for personal privacy settings for the re-use of PSI Bart van der Sloot Institute for Information Law.
PRIVACY ASPECTS OF RE-USE OF PSI: BETWEEN PRIVATE AND PUBLIC SECTOR

PRIVACY ASPECTS OF RE-USE OF PSI: BETWEEN PRIVATE AND PUBLIC SECTOR
Regional Policy Delegated Act on the methodology for the quality review of major projects 1 Expert Group on Delegated and Implementing Acts for the ESI.

Regional Policy Delegated Act on the methodology for the quality review of major projects 1 Expert Group on Delegated and Implementing Acts for the ESI.
European Data Protection Supervisor EC Data Protection Conference, Brussels, 20 May 2009 Transparency and Notification in the Age of Internet: more Effective.

European Data Protection Supervisor EC Data Protection Conference, Brussels, 20 May 2009 Transparency and Notification in the Age of Internet: more Effective.
Identifying Data Protection Issues Developing Lifelong Learner Record Systems and ePortfolios in FE and HE: Planning for, and Coping with, Legal Issues.

Identifying Data Protection Issues Developing Lifelong Learner Record Systems and ePortfolios in FE and HE: Planning for, and Coping with, Legal Issues.
DATA PROTECTION and Research University Research Ethics Committee – 30.05.2008 David Cauchi David Cauchi Office of the Commissioner for Data Protection.

DATA PROTECTION and Research University Research Ethics Committee – David Cauchi David Cauchi Office of the Commissioner for Data Protection.
Sarajevo, October 17, 2008.   The institution of the Unit was in line with the strategy adopted by the Italian Government in the Region and its work.

Sarajevo, October 17,   The institution of the Unit was in line with the strategy adopted by the Italian Government in the Region and its work.
1 The Data Protection Officer at work Experience, good practices and lessons learnt Pierre Vernhes – former DPO at the Council of the EU Workshop on Data.

1 The Data Protection Officer at work Experience, good practices and lessons learnt Pierre Vernhes – former DPO at the Council of the EU Workshop on Data.
Rule-Making Book II EU Administrative Procedures – The ReNEUAL Draft Model Rules 2014 Brussels, May 19-20 th 2014 1 Herwig C.H. Hofmann University of Luxembourg.

Rule-Making Book II EU Administrative Procedures – The ReNEUAL Draft Model Rules 2014 Brussels, May th Herwig C.H. Hofmann University of Luxembourg.
Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.

Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.
Auditing, Assurance and Governance in Local Government

Auditing, Assurance and Governance in Local Government
Www.dataprotection.gov.je The Data Protection (Jersey) Law 2005.

The Data Protection (Jersey) Law 2005.
Paola Lucantoni Financial Market Law and Regulation.

Paola Lucantoni Financial Market Law and Regulation.
Brussels, 12 July 2006 Klaus-Otto JUNGINGER-DITTEL State aid rules and programming of Structural Fund’s programs for 2007-2013.

Brussels, 12 July 2006 Klaus-Otto JUNGINGER-DITTEL State aid rules and programming of Structural Fund’s programs for
Data Protection and the GRA. 1. Commentary on Data Protection 2. The GRA’s Role The Register Investigations, Mediation and Compensation Enforcement Notices.

Data Protection and the GRA. 1. Commentary on Data Protection 2. The GRA’s Role The Register Investigations, Mediation and Compensation Enforcement Notices.
What does the Data Protection Act do? It sets standards which must be satisfied when obtaining, recording, holding, using, disclosing or disposing of.

What does the Data Protection Act do? It sets standards which must be satisfied when obtaining, recording, holding, using, disclosing or disposing of.
Supervision of the quality of water intended for human consumption by State Sanitary Inspection bodies Małgorzata Kedzierska Environmental Hygiene Dept.

Supervision of the quality of water intended for human consumption by State Sanitary Inspection bodies Małgorzata Kedzierska Environmental Hygiene Dept.
EU: Bilateral Agreements of Member States

EU: Bilateral Agreements of Member States
EU: Bilateral Agreements of Member States. Formerly concluded international agreements of Member States with third countries Article 351 TFEU The rights.

EU: Bilateral Agreements of Member States. Formerly concluded international agreements of Member States with third countries Article 351 TFEU The rights.

Similar presentations

Ads by Google