1 / 12

“ Personal Data Security ”

“Albania”. “ Personal Data Security ”. Alketa Koja PR Specialist of The Commissioner for Personal Data Protection ALBANIA. Personal Data Security- The Law.

harlow
Télécharger la présentation

“ Personal Data Security ”

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. “Albania” “Personal Data Security” Alketa KojaPR Specialist of The Commissioner for Personal Data Protection ALBANIA

  2. Personal Data Security- The Law The Data Controller shall take measures in order to protect personal data (art.27 of Law on Data Protection). Also, the Data Controller should: • Instructs all operators concerning their obligations, in conformity with this law and the internal regulations on data protection, including the regulations on data security; • Personal data and their software shall be accessed only by authorized persons; • Prohibits access to the filing system and their use by unauthorized persons; • Records and documents the alteration, rectification, erasure, transfer, ecc..

  3. The Cases • Exofficio inspection • Regional Hospital of Vlora

  4. The ViolationsPersonal medical records stored in unsuitable environments.Central data register with no restriction in access. Personal data security

  5. How the Commissioner deal in this case? The Recommendations of DPA: • To provide safe environments with limited access to the files of the personal data subjects. • To ensure folders with sensitive personal data of data subjects in appropiate locations. • To take measures for employees to access the computers at the user level (not administrator) via the "username" and "password appropriate“.

  6. The Cases • Ex officio inspection • Kukes Municipality

  7. Personal data security The Violations • The lack of internal regulation on the protection of personal data. • The use of personal email for official communication. • No regulated access in the file system.

  8. How the Commissioner deal in this case? The Recommendations of DPA: • To take measures in order to approve and write an internal regulation specific to data protection. • To Take measures regarding communication through official electronic mail (e-mail), by applying the "Rules for the use of email in Public Administration", approved by the National Information Society Agency (NISA). • To take measures for employees to access the computers at the user level (not administrator) via the "username" and "password appropriate“.

  9. The Cases • Inspection based on a compliance. • The second inspection at this personal data controller. • The Albanian electricity distribution service.

  10. Personal data security • The Violation: • No specific consent for marketing purpose.

  11. How the Commissioner deal in this case? The Decision of the DPA • Huge amount of Personal data collected ignoring the Data Protection Law. • Personal Data Controller very well informed about the Law, due to continue relation with the Authority. • The DPA decided to set e fine for this Data Controller • The Data Controller objected the decision of the Commissioner in the Court.

  12. Komisioneri për Mbrojtjen e të Dhënave Personale Thank you for the attention! Hvala! The Commissioner for Personal Data Protection Adresa: Rr.“Abdi Toptani” Nr.4, Tiranë  Email: info@kmdp.al Tel:+355(4)2237200

More Related